Vulnerability Monitor

CVE-2022-21505


In the Linux kernel, if IMA appraisal is used with the "ima_appraise=log" boot param, lockdown can be defeated with kexec on any machine when Secure Boot is disabled or unavailable. IMA prevents setting "ima_appraise=log" from the boot param when Secure Boot is enabled, but this does not cover cases where lockdown is used without Secure Boot. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity, Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).


Published

2024-12-24T19:15:06.763

Last Modified

2025-06-18T20:42:10.643

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 6.7 (MEDIUM)

Weaknesses
  • Type: Secondary
    CWE-346

Affected Vendors & Products
Type              Vendor  Product  Version/Range  Vulnerable?
Operating System  oracle  linux    7              Yes
Operating System  oracle  linux    8              Yes
Operating System  oracle  linux    9              Yes

References