Kernel Vulnerability in Oracle Solaris by Oracle Systems
CVE-2022-21439

4.2MEDIUM

Key Information:

Vendor: Oracle
Status: Solaris Operating System
Vendor: CVE Published:; 19 July 2022

Summary

A vulnerability in the Oracle Solaris kernel allows a high-privileged attacker with login access to compromise the system. This vulnerability requires human interaction from a person other than the attacker for successful exploitation. Successful attacks can lead to unauthorized execution of commands that may result in a denial of service (DoS), characterized by system hangs or frequent crashes. The affected versions include Oracle Solaris 10 and 11, making it crucial for users to apply necessary mitigations.

Affected Version(s)

Solaris Operating System 10

Solaris Operating System 11

References

https://www.oracle.com/security-alerts/cpujul2022.html

x_refsource_MISC

CVSS V3.1

Score:

4.2

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jul 19, 2022
Vulnerability Reserved
Nov 15, 2021