Kernel Vulnerability in Oracle Solaris by Oracle Systems
CVE-2022-21494

4MEDIUM

Key Information:

Vendor: Oracle
Status: Solaris Operating System
Vendor: CVE Published:; 19 April 2022

What is CVE-2022-21494?

A vulnerability exists within the Kernel of Oracle Solaris that allows a high-privileged attacker logged onto the system to exploit the infrastructure. While the attack requires human interaction from an individual other than the attacker, it poses a significant risk of system instability. Successful exploitation can lead to repeated crashes or a denial of service, affecting the availability of Oracle Solaris and potentially disrupting operations.

Affected Version(s)

Solaris Operating System 11

References

https://www.oracle.com/security-alerts/cpuapr2022.html

x_refsource_MISC

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 19, 2022
Vulnerability Reserved
Nov 15, 2021