CVE-2022-4415

low-risk

Published 2023-01-11

A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.

Do I need to act?

0.03% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.5/10 Medium

LOCAL / LOW complexity

Affected Products (1)

Systemd

Affected Vendors

Systemd Project

References (6)

Exploit https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb...

Mailing List https://www.openwall.com/lists/oss-security/2022/12/21/3

http://seclists.org/fulldisclosure/2025/Jun/9

Exploit https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb...

https://security.netapp.com/advisory/ntap-20230216-0010/

Mailing List https://www.openwall.com/lists/oss-security/2022/12/21/3

/ 100

low-risk

Severity 18/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 5/34 · Minimal