{"containers": {"cna": {"affected": [{"product": "Kernel", "vendor": "n/a", "versions": [{"status": "affected", "version": "Fixed in v5.8-rc6"}]}], "descriptions": [{"lang": "en", "value": "An information leak flaw was found in NFS over RDMA in the net/sunrpc/xprtrdma/rpc_rdma.c in the Linux Kernel. This flaw allows an attacker with normal user privileges to leak kernel information."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-200", "description": "CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor.", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-08-29T14:03:05", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2058361"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2058955"}, {"tags": ["x_refsource_MISC"], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=912288442cb2f431bf3c8cb097a5de83bc6dbac1"}, {"tags": ["x_refsource_MISC"], "url": "https://access.redhat.com/security/cve/CVE-2022-0812"}, {"tags": ["x_refsource_MISC"], "url": "https://ubuntu.com/security/CVE-2022-0812"}, {"url": "https://security.netapp.com/advisory/ntap-20230427-0011/"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:40:04.254Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2058361"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2058955"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=912288442cb2f431bf3c8cb097a5de83bc6dbac1"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://access.redhat.com/security/cve/CVE-2022-0812"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://ubuntu.com/security/CVE-2022-0812"}, {"url": "https://security.netapp.com/advisory/ntap-20230427-0011/", "tags": ["x_transferred"]}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2022-0812", "datePublished": "2022-08-29T14:03:05", "dateReserved": "2022-03-01T00:00:00", "dateUpdated": "2024-08-02T23:40:04.254Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "4B3B9FFD-856C-4B58-ADD4-EE58BA12ECB4", "versionEndExcluding": "5.8.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.8.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "937239B6-1959-4099-AA57-039A3A661BE8", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.8.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "36DDFE55-065B-4549-A2EF-4F3C3015C7E3", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.8.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "1A8D373F-782F-41EC-AAC9-BB62BE3FDC00", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.8.0:rc4:*:*:*:*:*:*", "matchCriteriaId": "5595D162-7A55-4223-9A78-7AAEFDA5B8D2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.8.0:rc5:*:*:*:*:*:*", "matchCriteriaId": "49E44009-A5C4-411E-B457-3634AFC4049C", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An information leak flaw was found in NFS over RDMA in the net/sunrpc/xprtrdma/rpc_rdma.c in the Linux Kernel. This flaw allows an attacker with normal user privileges to leak kernel information."}, {"lang": "es", "value": "Se ha encontrado un fallo de filtrado de informaci\u00f3n en NFS sobre RDMA en el archivo net/sunrpc/xprtrdma/rpc_rdma.c en el Kernel de Linux. Este fallo permite a un atacante privilegiado de usuario normales filtrar informaci\u00f3n del kernel"}], "id": "CVE-2022-0812", "lastModified": "2024-11-21T06:39:26.847", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "[email protected]", "type": "Primary"}]}, "published": "2022-08-29T15:15:09.863", "references": [{"source": "[email protected]", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/security/cve/CVE-2022-0812"}, {"source": "[email protected]", "tags": ["Permissions Required", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2058361"}, {"source": "[email protected]", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2058955"}, {"source": "[email protected]", "tags": ["Mailing List", "Patch", "Vendor Advisory"], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=912288442cb2f431bf3c8cb097a5de83bc6dbac1"}, {"source": "[email protected]", "url": "https://security.netapp.com/advisory/ntap-20230427-0011/"}, {"source": "[email protected]", "tags": ["Third Party Advisory"], "url": "https://ubuntu.com/security/CVE-2022-0812"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/security/cve/CVE-2022-0812"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Permissions Required", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2058361"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2058955"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch", "Vendor Advisory"], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=912288442cb2f431bf3c8cb097a5de83bc6dbac1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.netapp.com/advisory/ntap-20230427-0011/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://ubuntu.com/security/CVE-2022-0812"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "[email protected]", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "[email protected]", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: NFS over RDMA random memory leakage", "id": "2058955", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2058955"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.3", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "status": "draft"}, "cwe": "CWE-401", "details": ["An information leak flaw was found in NFS over RDMA in the net/sunrpc/xprtrdma/rpc_rdma.c in the Linux Kernel. This flaw allows an attacker with normal user privileges to leak kernel information.", "An information leak flaw was found in NFS over RDMA in the net/sunrpc/xprtrdma/rpc_rdma.c in the Linux Kernel. This flaw allows an attacker with normal user privileges to leak kernel information."], "name": "CVE-2022-0812", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2022-02-24T18:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-0812\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-0812"], "statement": "There was no shipped kernel version that was seen affected by this problem.", "threat_severity": "Moderate"}