What is CVE-2022-3650?

CVE-2022-3650 is a vulnerability in Ceph, classified under CWE-842. Published 2023-01-17.

Is CVE-2022-3650 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Ceph

CVE-2022-3650

A privilege escalation flaw was found in Ceph. Ceph-crash.service allows a local attacker to escalate privileges to root in the form of a crash dump, and dump privileged information.

EPSS: 0.000 (8.3th percentile) — read the EPSS interpretation.

Affected products

N/a Ceph — versions unknown

Weakness classification (CWE)

CWE-842

Public proof-of-concept exploits

fkie-cad/nvd-json-data-feeds
w4zu/Debian_

References

seclists.org/oss-sec/2022/q4/41
lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/…
security.gentoo.org/glsa/202312-10

Frequently asked questions

What is CVE-2022-3650?: CVE-2022-3650 is a vulnerability in Ceph, classified under CWE-842. Published 2023-01-17.
Is CVE-2022-3650 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.