Use-after-free vulnerability in ESET products for Linux
CVE-2022-0615

5.9MEDIUM

Key Information:

Vendor: Eset, Spol. S R.o.
Status: Endpoint Antivirus For Linux; Eset Server Security For Linux
Vendor: CVE Published:; 25 February 2022

What is CVE-2022-0615?

Use-after-free in eset_rtp kernel module used in ESET products for Linux allows potential attacker to trigger denial-of-service condition on the system.

Affected Version(s)

Endpoint Antivirus for Linux 7.1.6.0 <= 7.1.9.0

Endpoint Antivirus for Linux 8.0.3.0 <= 8.1.5.0

ESET Server Security for Linux 7.2.463.0 <= 7.2.574.0

References

https://support.eset.com/en/ca8230

x_refsource_MISC

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 25, 2022
Vulnerability Reserved
Feb 15, 2022

Eset, Spol. S R.o.

What is CVE-2022-0615?

Affected Version(s)

References

CVSS V3.1

Timeline