CVE-2022-0185

CVE Database · CVE-2022-0185

CVE-2022-0185

· HIGHAnalyzed

CVSS v3.1

8.4

EPSS

25.15%

Published

Feb 11, 2022

Modified

Nov 6, 2025

CISA Known Exploited Vulnerability

Added: 2024-08-21 · Due: 2024-09-11

Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.

Public PoC / Exploit (9)

All weaponized →

TrickestTrickest PoC index GitHub PoCCrusaders-of-Rust/CVE-2022-0185★374 GitHub PoCchenaotian/CVE-2022-0185★37 GitHub PoCveritas501/CVE-2022-0185-PipeVersion★16 GitHub PoCdiscordianfish/cve-2022-0185-crash-poc★5 GitHub PoCfeatherL/CVE-2022-0185-exploit★3 GitHub PoCdcheng69/CVE-2022-0185-Case-Study★3 GitHub PoCkhaclep007/CVE-2022-0185★0 GitHub PoCsandesh9978/CVE-2022-0185-Analysis-and-Exploit★0

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged (in case of unprivileged user namespaces enabled, otherwise needs namespaced CAP_SYS_ADMIN privilege) local user able to open a filesystem that does not support the Filesystem Context API (and thus fallbacks to legacy handling) could use this flaw to escalate their privileges on the system.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-190CWE-191

Affected Products (20)

linux · linux_kernel (up to 5.4.173)vulnerable

linux · linux_kernel (up to 5.10.93)vulnerable

linux · linux_kernel (up to 5.15.16)vulnerable

linux · linux_kernel (up to 5.16.2)vulnerable

netapp · h410c_firmwarevulnerable

netapp · h410c

netapp · h300s_firmwarevulnerable