CVE-2022-49056 - Vulnerability Details

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

No data.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://lore.kernel.org/linux-cve-announce/2025022652-CVE-2022-49056-f882@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2022-49056
https://www.cve.org/CVERecord?id=CVE-2022-49056

History

Tue, 20 May 2025 14:45:00 +0000

Type	Values Removed	Values Added
References	https://git.kernel.org/stable/c/262960775e0d2cdf97a3e33993e95e13175df4bb https://git.kernel.org/stable/c/701521403cfb228536b3947035c8a6eca40d8e58

Tue, 20 May 2025 14:00:00 +0000

Type	Values Removed	Values Added
Description	In the Linux kernel, the following vulnerability has been resolved: io_uring: abort file assignment prior to assigning creds We need to either restore creds properly if we fail on the file assignment, or just do the file assignment first instead. Let's do the latter as it's simpler, should make no difference here for file assignment.	This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Title	io_uring: abort file assignment prior to assigning creds	kernel: io_uring: abort file assignment prior to assigning creds

Thu, 27 Feb 2025 01:45:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025022652-CVE-2022-49056-f882@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2022-49056 https://www.cve.org/CVERecord?id=CVE-2022-49056
Metrics	threat_severity `None`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Moderate`

Wed, 26 Feb 2025 02:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: io_uring: abort file assignment prior to assigning creds We need to either restore creds properly if we fail on the file assignment, or just do the file assignment first instead. Let's do the latter as it's simpler, should make no difference here for file assignment.
Title		io_uring: abort file assignment prior to assigning creds
References		https://git.kernel.org/stable/c/262960775e0d2cdf97a3e33993e95e13175df4bb https://git.kernel.org/stable/c/701521403cfb228536b3947035c8a6eca40d8e58

MITRE

Status: REJECTED

Assigner: Linux

Published: 2025-02-26T01:54:28.256Z

Updated: 2025-05-20T13:54:51.614Z

Reserved: 2025-02-26T01:49:39.243Z

Link: CVE-2022-49056

Vulnrichment

No data.

NVD

Status : Rejected

Published: 2025-02-26T07:00:42.863

Modified: 2025-05-20T14:15:26.397

Link: CVE-2022-49056

Redhat

Severity : Moderate

Publid Date: 2025-02-26T00:00:00Z

Links: CVE-2022-49056 - Bugzilla

OpenCVE Enrichment

No data.

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object