Rewterz Threat Advisory – CVE-2022-1280 – Linux Kernel Vulnerability

Rewterz Threat Advisory – CVE-2022-0023 – Palo Alto Networks PAN-OS Vulnerability

April 14, 2022

Rewterz Threat Alert – Snake Keylogger’s Malware – Active IOCs

April 14, 2022

Rewterz Threat Advisory – CVE-2022-1280 – Linux Kernel Vulnerability

Severity

High

Analysis Summary

CVE-2022-1280

Linux Kernel is vulnerable to a denial of service, caused by a use-after-free flaw in the drm_lease_held function in drivers/gpu/drm/drm_lease.c. By sending a specially crafted request, a locally authenticated attacker could exploit this vulnerability to cause a denial of service condition or obtain sensitive information.

Impact

System Performance Degradation
Denial of Service

Indicators Of Compromise

CVE

CVE-2022-1280

Affected Vendors

Linux

Affected Products

Linux Kernel 5.10
Linux Kernel 5.4
Linux Kernel 4.19.10

Remediation

Refer to Linux Kernel Advisory for the patches, upgrade,s or workarounds here:

Linux Kernel

Rewterz Threat Advisory – CVE-2022-0023 – Palo Alto Networks PAN-OS Vulnerability

Rewterz Threat Alert – Snake Keylogger’s Malware – Active IOCs

Rewterz Threat Advisory – CVE-2022-1280 – Linux Kernel Vulnerability

Severity

Analysis Summary

CVE-2022-1280

Impact

Indicators Of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan