CVE 2022-30594
The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag.
Related bugs and status
CVE-2022-30594 (Candidate) is related to these bugs:
Bug #1972740: Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1972740 | Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option | linux (Ubuntu) | High | Fix Committed | ||
| 1972740 | Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option | linux (Ubuntu Jammy) | High | Fix Released | ||
| 1972740 | Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option | linux (Ubuntu Xenial) | High | Triaged | ||
| 1972740 | Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option | linux (Ubuntu Bionic) | High | Fix Released | ||
| 1972740 | Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option | linux (Ubuntu Impish) | High | Fix Released | ||
| 1972740 | Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option | linux (Ubuntu Focal) | High | Fix Released | ||
Bug #1973924: jammy/linux: 5.15.0-33.34 -proposed tracker
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1973924 | jammy/linux: 5.15.0-33.34 -proposed tracker | Kernel SRU Workflow | Medium | Fix Released | ||
| 1973924 | jammy/linux: 5.15.0-33.34 -proposed tracker | Kernel SRU Workflow automated-testing | Medium | Fix Released | ||
| 1973924 | jammy/linux: 5.15.0-33.34 -proposed tracker | Kernel SRU Workflow boot-testing | Medium | Fix Released | ||
| 1973924 | jammy/linux: 5.15.0-33.34 -proposed tracker | Kernel SRU Workflow certification-testing | Medium | Invalid | ||
| 1973924 | jammy/linux: 5.15.0-33.34 -proposed tracker | Kernel SRU Workflow kernel-signoff | Medium | Fix Released | ||
| 1973924 | jammy/linux: 5.15.0-33.34 -proposed tracker | Kernel SRU Workflow prepare-package | Medium | Fix Released | ||
| 1973924 | jammy/linux: 5.15.0-33.34 -proposed tracker | Kernel SRU Workflow prepare-package-lrg | Medium | Fix Released | ||
| 1973924 | jammy/linux: 5.15.0-33.34 -proposed tracker | Kernel SRU Workflow prepare-package-lrm | Medium | Fix Released | ||
| 1973924 | jammy/linux: 5.15.0-33.34 -proposed tracker | Kernel SRU Workflow prepare-package-lrs | Medium | Fix Released | ||
| 1973924 | jammy/linux: 5.15.0-33.34 -proposed tracker | Kernel SRU Workflow prepare-package-meta | Medium | Fix Released | ||
| 1973924 | jammy/linux: 5.15.0-33.34 -proposed tracker | Kernel SRU Workflow prepare-package-signed | Medium | Fix Released | ||
| 1973924 | jammy/linux: 5.15.0-33.34 -proposed tracker | Kernel SRU Workflow promote-signing-to-proposed | Medium | Invalid | ||
| 1973924 | jammy/linux: 5.15.0-33.34 -proposed tracker | Kernel SRU Workflow promote-to-proposed | Medium | Fix Released | ||
| 1973924 | jammy/linux: 5.15.0-33.34 -proposed tracker | Kernel SRU Workflow promote-to-security | Medium | Fix Released | ||
| 1973924 | jammy/linux: 5.15.0-33.34 -proposed tracker | Kernel SRU Workflow promote-to-updates | Medium | Fix Released | ||
| 1973924 | jammy/linux: 5.15.0-33.34 -proposed tracker | Kernel SRU Workflow regression-testing | Medium | Invalid | ||
| 1973924 | jammy/linux: 5.15.0-33.34 -proposed tracker | Kernel SRU Workflow security-signoff | Medium | Fix Released | ||
| 1973924 | jammy/linux: 5.15.0-33.34 -proposed tracker | Kernel SRU Workflow sru-review | Medium | Fix Released | ||
| 1973924 | jammy/linux: 5.15.0-33.34 -proposed tracker | Kernel SRU Workflow verification-testing | Medium | Fix Released | ||
| 1973924 | jammy/linux: 5.15.0-33.34 -proposed tracker | linux (Ubuntu Jammy) | Medium | Fix Released | ||
| 1973924 | jammy/linux: 5.15.0-33.34 -proposed tracker | Kernel SRU Workflow new-review | Undecided | Fix Released | ||
Bug #1973981: focal/linux-oem-5.14: 5.14.0-1038.42 -proposed tracker
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1973981 | focal/linux-oem-5.14: 5.14.0-1038.42 -proposed tracker | Kernel SRU Workflow | Medium | Fix Released | ||
| 1973981 | focal/linux-oem-5.14: 5.14.0-1038.42 -proposed tracker | Kernel SRU Workflow automated-testing | Medium | Invalid | ||
| 1973981 | focal/linux-oem-5.14: 5.14.0-1038.42 -proposed tracker | Kernel SRU Workflow boot-testing | Medium | Fix Released | ||
| 1973981 | focal/linux-oem-5.14: 5.14.0-1038.42 -proposed tracker | Kernel SRU Workflow certification-testing | Medium | Invalid | ||
| 1973981 | focal/linux-oem-5.14: 5.14.0-1038.42 -proposed tracker | Kernel SRU Workflow kernel-signoff | Medium | Fix Released | ||
| 1973981 | focal/linux-oem-5.14: 5.14.0-1038.42 -proposed tracker | Kernel SRU Workflow prepare-package | Medium | Fix Released | ||
| 1973981 | focal/linux-oem-5.14: 5.14.0-1038.42 -proposed tracker | Kernel SRU Workflow prepare-package-lrg | Medium | Fix Released | ||
| 1973981 | focal/linux-oem-5.14: 5.14.0-1038.42 -proposed tracker | Kernel SRU Workflow prepare-package-lrm | Medium | Fix Released | ||
| 1973981 | focal/linux-oem-5.14: 5.14.0-1038.42 -proposed tracker | Kernel SRU Workflow prepare-package-lrs | Medium | Fix Released | ||
| 1973981 | focal/linux-oem-5.14: 5.14.0-1038.42 -proposed tracker | Kernel SRU Workflow prepare-package-meta | Medium | Fix Released | ||
| 1973981 | focal/linux-oem-5.14: 5.14.0-1038.42 -proposed tracker | Kernel SRU Workflow prepare-package-signed | Medium | Fix Released | ||
| 1973981 | focal/linux-oem-5.14: 5.14.0-1038.42 -proposed tracker | Kernel SRU Workflow promote-signing-to-proposed | Medium | Invalid | ||
| 1973981 | focal/linux-oem-5.14: 5.14.0-1038.42 -proposed tracker | Kernel SRU Workflow promote-to-proposed | Medium | Fix Released | ||
| 1973981 | focal/linux-oem-5.14: 5.14.0-1038.42 -proposed tracker | Kernel SRU Workflow promote-to-security | Medium | Fix Released | ||
| 1973981 | focal/linux-oem-5.14: 5.14.0-1038.42 -proposed tracker | Kernel SRU Workflow promote-to-updates | Medium | Fix Released | ||
| 1973981 | focal/linux-oem-5.14: 5.14.0-1038.42 -proposed tracker | Kernel SRU Workflow regression-testing | Medium | Invalid | ||
| 1973981 | focal/linux-oem-5.14: 5.14.0-1038.42 -proposed tracker | Kernel SRU Workflow security-signoff | Medium | Fix Released | ||
| 1973981 | focal/linux-oem-5.14: 5.14.0-1038.42 -proposed tracker | Kernel SRU Workflow sru-review | Medium | Fix Released | ||
| 1973981 | focal/linux-oem-5.14: 5.14.0-1038.42 -proposed tracker | Kernel SRU Workflow verification-testing | Medium | Fix Released | ||
| 1973981 | focal/linux-oem-5.14: 5.14.0-1038.42 -proposed tracker | linux-oem-5.14 (Ubuntu Focal) | Medium | Fix Released | ||
| 1973981 | focal/linux-oem-5.14: 5.14.0-1038.42 -proposed tracker | Kernel SRU Workflow new-review | Undecided | Fix Released | ||
See the 
CVE page on Mitre.org
for more details.
