Red Hat recently issued a risk notice for a Linux kernel privilege escalation vulnerability tracked as CVE-2022-3239. The flaw is a use-after-free bug in the Linux kernel video4linux driver. The root cause is that kref_get is called before kref_init has finished in em28xx_usb_probe.
“A flaw use after free in the Linux kernel video4linux driver was found in the way user triggers em28xx_usb_probe() for the Empia 28xx based TV cards. A local user could use this flaw to crash the system or potentially escalate their privileges on the system,” reads the MITRE CVE entry.
The use-after-free vulnerability was identified within the em28xx_usb_probe() function and can be exploited to achieve privilege escalation to root. Use-after-free refers to a memory corruption bug that occurs when an application tries to use memory that is no longer assigned to it (that is, memory that has been freed), after that memory has been assigned to another application. This can cause crashes and data to be inadvertently overwritten, or in cyber attack scenarios can lead to arbitrary code execution or allow an attacker to gain remote code execution capabilities.
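The ordering problem named above (a reference taken before the counter is initialized) can be reproduced in a small userspace model. This is an added example, not code from the em28xx driver or the kernel: the model_* names, the simplified counter, and the assumption of exactly two reference holders are all hypothetical, and no memory is actually freed.

```c
#include <stdbool.h>
#include <stdio.h>

/* Simplified userspace model of a kref-style counter (hypothetical, not kernel code). */
struct model_ref {
    int count;      /* current reference count */
    bool released;  /* set when the count hits zero, i.e. the object would be freed */
    int late_puts;  /* accesses that arrive after release: each one models a use-after-free */
};

/* Like kref_init: unconditionally sets the count to 1, overwriting earlier gets. */
static void model_init(struct model_ref *r) { r->count = 1; }

/* Like kref_get: one more holder. */
static void model_get(struct model_ref *r) { r->count++; }

/* Like kref_put: drop a reference, release on zero, record any access after release. */
static void model_put(struct model_ref *r)
{
    if (r->released) {
        r->late_puts++;
        return;
    }
    if (--r->count == 0)
        r->released = true;
}

/* Two holders share one object. Returns how many times the object was
 * touched after release (0 means the lifetime was tracked correctly). */
int simulate_probe(bool get_before_init)
{
    struct model_ref r = {0};

    if (get_before_init) {
        model_get(&r);   /* second holder takes its reference first ... */
        model_init(&r);  /* ... then init resets the count to 1 and loses it */
    } else {
        model_init(&r);  /* corrected order: initialize, then take references */
        model_get(&r);
    }
    model_put(&r);       /* first holder is done */
    model_put(&r);       /* second holder is done */
    return r.late_puts;
}

int main(void)
{
    printf("get before init: %d access(es) after release\n", simulate_probe(true));
    printf("init before get: %d access(es) after release\n", simulate_probe(false));
    return 0;
}
```

With the get placed before the init, the first put already drops the count to zero while the second holder still believes it owns a reference, which is the dangling-reference condition the advisory describes.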
The CVE-2022-3239 flaw (CVSS score: 7.0) was fixed in Linux kernel 5.18 RC1. At present, Linux kernel maintainers have officially issued security patches. It’s recommended that users update Linux servers immediately and apply the patches for other distros as soon as they are available.