A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information.
https://lore.kernel.org/netdev/[email protected]/T/
https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=35306eb23814
https://bugzilla.redhat.com/show_bug.cgi?id=2036934
Source: MITRE
Published: 2022-03-25
Updated: 2022-12-08
Type: CWE-362
Base Score: 4.9
Vector: AV:N/AC:M/Au:S/C:P/I:N/A:P
Impact Score: 4.9
Exploitability Score: 6.8
Severity: MEDIUM
Base Score: 6.8
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
Impact Score: 5.2
Exploitability Score: 1.6
Severity: MEDIUM