FKIE_CVE-2022-23091
Vulnerability from fkie_nvd - Published: 2024-02-15 06:15 - Updated: 2025-06-04 22:09
Severity ?
Summary
A particular case of memory sharing is mishandled in the virtual memory system. This is very similar to SA-21:08.vm, but with a different root cause.
An unprivileged local user process can maintain a mapping of a page after it is freed, allowing that process to read private data belonging to other processes or the kernel.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| freebsd | freebsd | * | |
| freebsd | freebsd | 12.3 | |
| freebsd | freebsd | 12.3 | |
| freebsd | freebsd | 12.3 | |
| freebsd | freebsd | 12.3 | |
| freebsd | freebsd | 12.3 | |
| freebsd | freebsd | 12.3 | |
| freebsd | freebsd | 13.0 | |
| freebsd | freebsd | 13.0 | |
| freebsd | freebsd | 13.0 | |
| freebsd | freebsd | 13.0 | |
| freebsd | freebsd | 13.0 | |
| freebsd | freebsd | 13.0 | |
| freebsd | freebsd | 13.0 | |
| freebsd | freebsd | 13.0 | |
| freebsd | freebsd | 13.0 | |
| freebsd | freebsd | 13.0 | |
| freebsd | freebsd | 13.0 | |
| freebsd | freebsd | 13.0 | |
| freebsd | freebsd | 13.0 | |
| freebsd | freebsd | 13.0 | |
| freebsd | freebsd | 13.0 | |
| freebsd | freebsd | 13.0 | |
| freebsd | freebsd | 13.0 | |
| freebsd | freebsd | 13.0 | |
| freebsd | freebsd | 13.0 | |
| freebsd | freebsd | 13.0 | |
| freebsd | freebsd | 13.0 | |
| freebsd | freebsd | 13.0 | |
| freebsd | freebsd | 13.0 | |
| freebsd | freebsd | 13.1 | |
| freebsd | freebsd | 13.1 | |
| freebsd | freebsd | 13.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21DD7BCE-A20E-4014-8E35-DB6EC1FB12B0",
"versionEndExcluding": "12.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:12.3:beta1:*:*:*:*:*:*",
"matchCriteriaId": "E231B24D-5CA9-4107-A819-57EE116AD644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:12.3:p1:*:*:*:*:*:*",
"matchCriteriaId": "3B6DCD8A-331E-419F-9253-C4D35C1DF54B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:12.3:p2:*:*:*:*:*:*",
"matchCriteriaId": "4578E06C-16C6-435E-9E51-91CB02602355",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:12.3:p3:*:*:*:*:*:*",
"matchCriteriaId": "71FA1F6C-7E53-40F8-B9E1-5FD28D5DAADA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:12.3:p4:*:*:*:*:*:*",
"matchCriteriaId": "0EC87BCE-17F0-479B-84DC-516C24FBD396",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:12.3:p5:*:*:*:*:*:*",
"matchCriteriaId": "620C23ED-400C-438C-8427-94437F12EDAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:13.0:-:*:*:*:*:*:*",
"matchCriteriaId": "174265E7-6B73-4546-B4C7-3826C7EB5624",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:13.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "7412DBD8-BB1F-48A8-AAE1-BA5C8D7BDDF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:13.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "833DFF5B-BC50-424A-ABCF-EC632F421B76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:13.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "9F27016E-4117-4094-BB7A-9C56E38024D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:13.0:beta3-p1:*:*:*:*:*:*",
"matchCriteriaId": "EC7326E3-908D-47A1-B848-3AA7F34B3DD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:13.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "B149BF69-951D-47B4-996C-9E4773DA75B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:13.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "04A0E266-714C-4753-A652-A51F25582C78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:13.0:p10:*:*:*:*:*:*",
"matchCriteriaId": "D133E8E0-4E88-451C-9693-5DE5C3092AD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:13.0:p11:*:*:*:*:*:*",
"matchCriteriaId": "FF1A096F-EC60-4C7D-AE40-D1DDAC9D4E40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:13.0:p2:*:*:*:*:*:*",
"matchCriteriaId": "556111A1-C236-4DF6-9438-F9C874451A58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:13.0:p3:*:*:*:*:*:*",
"matchCriteriaId": "1673F16B-463A-492C-B66F-48917008F7F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:13.0:p4:*:*:*:*:*:*",
"matchCriteriaId": "E73B211F-2CA9-47A4-B318-F24CC1C7E589",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:13.0:p5:*:*:*:*:*:*",
"matchCriteriaId": "7C13DDEF-FF5F-4723-9C25-4EA66AE2CEDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:13.0:p6:*:*:*:*:*:*",
"matchCriteriaId": "7A942EA9-0DD3-44BC-B582-C680BA34E88F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:13.0:p7:*:*:*:*:*:*",
"matchCriteriaId": "689BC10B-0404-4468-B604-9D96337F9BD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:13.0:p8:*:*:*:*:*:*",
"matchCriteriaId": "38DDAA43-3E9C-479F-8416-E3B9BE23C31B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:13.0:p9:*:*:*:*:*:*",
"matchCriteriaId": "AE490480-1EA1-4684-A643-9749E87A8448",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:13.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "FC271C93-EB83-4301-B7BA-F3249B71B1EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:13.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "04329338-AC28-4A74-BE6B-CE8EC6CC37B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:13.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "ADBA841F-5C83-4759-84B7-B59DA1B12EA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:13.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "6A8F38B3-A6DA-4178-A2BD-0D4F0267C384",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:13.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "9BB028A0-70F6-42DA-9E5A-F7AAF74ED45B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:13.0:rc5-p1:*:*:*:*:*:*",
"matchCriteriaId": "00D28E4E-022B-482E-9952-7F7F47C427C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:13.1:b1-p1:*:*:*:*:*:*",
"matchCriteriaId": "66364EA4-83B1-4597-8C18-D5633B361A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:13.1:b2-p2:*:*:*:*:*:*",
"matchCriteriaId": "EF9292DD-EFB1-4B50-A941-7485D901489F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:13.1:rc1-p1:*:*:*:*:*:*",
"matchCriteriaId": "B536EE52-ED49-4A85-BC9D-A27828D5A961",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A particular case of memory sharing is mishandled in the virtual memory system. This is very similar to SA-21:08.vm, but with a different root cause.\n\nAn unprivileged local user process can maintain a mapping of a page after it is freed, allowing that process to read private data belonging to other processes or the kernel."
},
{
"lang": "es",
"value": "Un caso particular de compartir memoria se maneja mal en el sistema de memoria virtual. Esto es muy similar a SA-21:08.vm, pero con una causa ra\u00edz diferente. Un proceso de usuario local sin privilegios puede mantener un mapeo de una p\u00e1gina despu\u00e9s de que se libera, lo que permite que ese proceso lea datos privados que pertenecen a otros procesos o al kernel."
}
],
"id": "CVE-2022-23091",
"lastModified": "2025-06-04T22:09:07.247",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.5,
"impactScore": 1.4,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-02-15T06:15:45.147",
"references": [
{
"source": "secteam@freebsd.org",
"tags": [
"Vendor Advisory"
],
"url": "https://security.freebsd.org/advisories/FreeBSD-SA-22:11.vm.asc"
},
{
"source": "secteam@freebsd.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20240415-0008/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://security.freebsd.org/advisories/FreeBSD-SA-22:11.vm.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20240415-0008/"
}
],
"sourceIdentifier": "secteam@freebsd.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…