Wiz
Vulnerability DatabaseCVE-2022-2977

CVE-2022-2977
Linux Kernel vulnerability analysis and mitigation

Overview

A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where virtualized TPM devices are configured (this is not the default), a local attacker can create a use-after-free condition that may enable privilege escalation on the system. The vulnerability was discovered and disclosed in August 2022, affecting Linux kernel versions prior to 5.18 (CVE Mitre).

Technical details

The vulnerability has been assigned a CVSS v3.1 score of 7.8 (HIGH) with the vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. The issue specifically affects systems where virtualized TPM devices are configured, which is not the default configuration. The vulnerability exists in the kernel's implementation of proxied virtualized TPM devices and manifests as a use-after-free condition (NetApp Security).

Impact

The successful exploitation of this vulnerability could lead to privilege escalation, allowing an attacker to gain elevated access to the system. The impact includes potential disclosure of sensitive information, addition or modification of data, and possible Denial of Service (DoS) conditions (NetApp Security).

Mitigation and workarounds

The vulnerability was addressed in Linux kernel version 5.18 and subsequent versions. A fix was also backported to various stable kernel branches. The fix can be found in the Linux kernel repository through commit 9d8e7007dc7c4d7c8366739bbcd3f5e51dcd470f (Kernel Commit).

Additional resources

SourceThis report was generated using AI

Related Linux Kernel vulnerabilities:

CVE ID

Severity

Score

Technologies

Component name

CISA KEV exploit

Has fix

Published date

CVE-2025-40258HIGH7
  • Linux KernelLinux Kernel
  • kernel-zfcpdump-devel-matched
NoNoDec 04, 2025
CVE-2025-40259MEDIUM6.2
  • Linux KernelLinux Kernel
  • kernel-64k-devel
NoNoDec 04, 2025
CVE-2025-40264MEDIUM5.5
  • Linux KernelLinux Kernel
  • kernel-rt-64k-debug-kvm
NoNoDec 04, 2025
CVE-2025-40254MEDIUM5.5
  • Linux KernelLinux Kernel
  • kernel-modules-partner
NoNoDec 04, 2025
CVE-2025-40253MEDIUM5.5
  • Linux KernelLinux Kernel
  • python3-perf
NoNoDec 04, 2025

Free Vulnerability Assessment

Benchmark your Cloud Security Posture

Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.

Request assessment

Additional Wiz resources

Cloud Vulnerability DB

Cloud Vulnerability DB

A community-led vulnerabilities database

Cloud Threat Landscape

Cloud Threat Landscape

A threat intelligence database

PEACH

PEACH

A tenant isolation framework

Get a personalized demo

Ready to see Wiz in action?

"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management
Get a demo