What is CVE-2022-4744?

CVE-2022-4744 is a vulnerability in Kernel, classified under CWE-460. Published 2023-03-30.

Is CVE-2022-4744 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Kernel

CVE-2022-4744

A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails (NETDEV_REGISTER notifier). This flaw allows a local user to crash or pote…

EPSS: 0.001 (27.0th percentile) — read the EPSS interpretation.

Affected products

N/a Kernel — versions Linux kernel 5.16-rc7

Weakness classification (CWE)

CWE-460

Public proof-of-concept exploits

OSS-SASM/RhsaCveScanner

References

git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/
packetstormsecurity.com/files/171912/CentOS-Stream-9-Missing-Kernel-Security-Fi…
[debian-lts-announce] 20230503 [SECURITY] [DLA 3403-1] linux security update (mailing-list)
security.netapp.com/advisory/ntap-20230526-0009/

Frequently asked questions

What is CVE-2022-4744?: CVE-2022-4744 is a vulnerability in Kernel, classified under CWE-460. Published 2023-03-30.
Is CVE-2022-4744 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.