Security Advisory

CVE-2022-3977

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-01-12 00:00:00

Last updated 2025-04-08 18:03:56

Assigner redhat

State PUBLISHED

Description

A use-after-free flaw was found in the Linux kernel MCTP (Management Component Transport Protocol) functionality. This issue occurs when a user simultaneously calls DROPTAG ioctl and socket close happens, which could allow a local user to crash the system or potentially escalate their privileges on the system.

← Browse all CVEs View on cve.org ↗