Kernel Vulnerability in Oracle Solaris by Oracle Systems
CVE-2022-21463

5.5MEDIUM

Key Information:

Vendor: Oracle
Status: Solaris Operating System
Vendor: CVE Published:; 19 April 2022

Summary

An exploitable kernel vulnerability in Oracle Solaris allows a low privileged attacker with access to the infrastructure to disrupt service. By leveraging this weakness, an attacker can induce frequent crashes or hangs of the operating system, leading to significant availability issues. This flaw poses a risk of complete denial of service, impacting operations reliant on Oracle Solaris.

Affected Version(s)

Solaris Operating System 11

References

https://www.oracle.com/security-alerts/cpuapr2022.html

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 19, 2022
Vulnerability Reserved
Nov 15, 2021