CVE-2022-1665 Vulnerability Details

  /     /     /  

CVE-2022-1665 Metadata Quick Info

CVE Published: 21/06/2022 | CVE Updated: 03/08/2024 | CVE Year: 2022
Source: redhat | Vendor: n/a | Product: Red Hat Enterprise Linux
Status : PUBLISHED

---

CVE-2022-1665 Description

A set of pre-production kernel packages of Red Hat Enterprise Linux for IBM Power architecture can be booted by the grub in Secure Boot mode even though it shouldn\'t. These kernel builds don\'t have the secure boot lockdown patches applied to it and can bypass the secure boot validations, allowing the attacker to load another non-trusted code.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-1291
CWE Name: CWE-1291
Source: n/a

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).