Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-4128 (GCVE-0-2022-4128)
Vulnerability from cvelistv5 – Published: 2022-11-28 00:00 – Updated: 2025-04-14 18:08
VLAI?
EPSS
Summary
A NULL pointer dereference issue was discovered in the Linux kernel in the MPTCP protocol when traversing the subflow list at disconnect time. A local user could use this flaw to potentially crash the system causing a denial of service.
Severity ?
5.5 (Medium)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Linux kernel (mptcp) |
Affected:
Fixed in 5.19
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:27:54.495Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://lore.kernel.org/netdev/20220708233610.410786-2-mathew.j.martineau%40linux.intel.com/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/5c835bb142d4"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-4128",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-14T16:18:39.019070Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-14T18:08:50.265Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Linux kernel (mptcp)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in 5.19"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A NULL pointer dereference issue was discovered in the Linux kernel in the MPTCP protocol when traversing the subflow list at disconnect time. A local user could use this flaw to potentially crash the system causing a denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-28T00:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "https://lore.kernel.org/netdev/20220708233610.410786-2-mathew.j.martineau%40linux.intel.com/"
},
{
"url": "https://github.com/torvalds/linux/commit/5c835bb142d4"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2022-4128",
"datePublished": "2022-11-28T00:00:00.000Z",
"dateReserved": "2022-11-23T00:00:00.000Z",
"dateUpdated": "2025-04-14T18:08:50.265Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://lore.kernel.org/netdev/20220708233610.410786-2-mathew.j.martineau%40linux.intel.com/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/torvalds/linux/commit/5c835bb142d4\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T01:27:54.495Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.5, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-4128\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-14T16:18:39.019070Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-04-14T16:25:16.737Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"Linux kernel (mptcp)\", \"versions\": [{\"status\": \"affected\", \"version\": \"Fixed in 5.19\"}]}], \"references\": [{\"url\": \"https://lore.kernel.org/netdev/20220708233610.410786-2-mathew.j.martineau%40linux.intel.com/\"}, {\"url\": \"https://github.com/torvalds/linux/commit/5c835bb142d4\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A NULL pointer dereference issue was discovered in the Linux kernel in the MPTCP protocol when traversing the subflow list at disconnect time. A local user could use this flaw to potentially crash the system causing a denial of service.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-476\", \"description\": \"CWE-476\"}]}], \"providerMetadata\": {\"orgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"shortName\": \"redhat\", \"dateUpdated\": \"2022-11-28T00:00:00.000Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2022-4128\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-04-14T18:08:50.265Z\", \"dateReserved\": \"2022-11-23T00:00:00.000Z\", \"assignerOrgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"datePublished\": \"2022-11-28T00:00:00.000Z\", \"assignerShortName\": \"redhat\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
CVE-2022-4128
Vulnerability from fstec - Published: 11.07.2022
VLAI Severity ?
Title
Уязвимость реализации протокола MPTCP ядра операционной системы Linux в функции mptcp_copy_inaddrs(), позволяющая нарушителю вызвать отказ в обслуживании
Description
Уязвимость реализации протокола MPTCP ядра операционной системы Linux связана с разыменованием нулевого указателя в функции mptcp_copy_inaddrs() в модуле net/mptcp/protocol.c при обходе списка вложенных потоков во время отключения. Эксплуатация уязвимости может позволить нарушителю вызвать отказ в обслуживании
Severity ?
Vendor
Сообщество свободного программного обеспечения
Software Name
Linux
Software Version
от 5.17 до 5.18.12 включительно (Linux)
Possible Mitigations
Использование рекомендаций:
Для Linux:
https://lore.kernel.org/netdev/20220708233610.410786-2-mathew.j.martineau@linux.intel.com/
https://github.com/torvalds/linux/commit/5c835bb142d4
https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.18.13
Reference
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4128
https://lore.kernel.org/netdev/20220708233610.410786-2-mathew.j.martineau@linux.intel.com/
https://github.com/torvalds/linux/commit/5c835bb142d4
https://bugzilla.redhat.com/show_bug.cgi?id=2134380
https://access.redhat.com/security/cve/CVE-2022-4128
https://www.cve.org/CVERecord?id=CVE-2022-4128
https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.18.13
CWE
CWE-476
{
"CVSS 2.0": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
"CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u043e\u0442 5.17 \u0434\u043e 5.18.12 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f Linux:\nhttps://lore.kernel.org/netdev/20220708233610.410786-2-mathew.j.martineau@linux.intel.com/\nhttps://github.com/torvalds/linux/commit/5c835bb142d4\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.18.13",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "11.07.2022",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "28.05.2024",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "28.05.2024",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2024-04155",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2022-4128",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Linux",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 5.17 \u0434\u043e 5.18.12 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e ",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 MPTCP \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux \u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 mptcp_copy_inaddrs(), \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0420\u0430\u0437\u044b\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044f NULL (CWE-476)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 MPTCP \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0440\u0430\u0437\u044b\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044f \u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 mptcp_copy_inaddrs() \u0432 \u043c\u043e\u0434\u0443\u043b\u0435 net/mptcp/protocol.c \u043f\u0440\u0438 \u043e\u0431\u0445\u043e\u0434\u0435 \u0441\u043f\u0438\u0441\u043a\u0430 \u0432\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0445 \u043f\u043e\u0442\u043e\u043a\u043e\u0432 \u0432\u043e \u0432\u0440\u0435\u043c\u044f \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4128\nhttps://lore.kernel.org/netdev/20220708233610.410786-2-mathew.j.martineau@linux.intel.com/\nhttps://github.com/torvalds/linux/commit/5c835bb142d4\nhttps://bugzilla.redhat.com/show_bug.cgi?id=2134380\nhttps://access.redhat.com/security/cve/CVE-2022-4128\nhttps://www.cve.org/CVERecord?id=CVE-2022-4128\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.18.13",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-476",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4,6)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,5)"
}
CNVD-2022-85505
Vulnerability from cnvd - Published: 2022-12-06
VLAI Severity ?
Title
Linux kernel MPTCP协议拒绝服务漏洞
Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。
Linux mptcp_protocol 5.19之前版本存在拒绝服务漏洞,该漏洞源于其在断开连接时遍历子流列表时,MPTCP协议存在空指针解引用,本地攻击者可利用漏洞发起拒绝服务攻击。
Severity
中
Patch Name
Linux kernel MPTCP协议拒绝服务漏洞的补丁
Patch Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。
Linux mptcp_protocol 5.19之前版本存在拒绝服务漏洞,该漏洞源于其在断开连接时遍历子流列表时,MPTCP协议存在空指针解引用,本地攻击者可利用漏洞发起拒绝服务攻击。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布了漏洞修复程序,请及时关注更新:https://github.com/torvalds/linux/commit/5c835bb142d4
Reference
https://github.com/torvalds/linux/commit/5c835bb142d4
Impacted products
| Name | Linux mptcp_protocol <5.19 |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2022-4128",
"cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2022-4128"
}
},
"description": "Linux kernel\u662f\u7f8e\u56fdLinux\u57fa\u91d1\u4f1a\u7684\u5f00\u6e90\u64cd\u4f5c\u7cfb\u7edfLinux\u6240\u4f7f\u7528\u7684\u5185\u6838\u3002\n\nLinux mptcp_protocol 5.19\u4e4b\u524d\u7248\u672c\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5176\u5728\u65ad\u5f00\u8fde\u63a5\u65f6\u904d\u5386\u5b50\u6d41\u5217\u8868\u65f6\uff0cMPTCP\u534f\u8bae\u5b58\u5728\u7a7a\u6307\u9488\u89e3\u5f15\u7528\uff0c\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u53d1\u8d77\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1ahttps://github.com/torvalds/linux/commit/5c835bb142d4",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2022-85505",
"openTime": "2022-12-06",
"patchDescription": "Linux kernel\u662f\u7f8e\u56fdLinux\u57fa\u91d1\u4f1a\u7684\u5f00\u6e90\u64cd\u4f5c\u7cfb\u7edfLinux\u6240\u4f7f\u7528\u7684\u5185\u6838\u3002\r\n\r\nLinux mptcp_protocol 5.19\u4e4b\u524d\u7248\u672c\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5176\u5728\u65ad\u5f00\u8fde\u63a5\u65f6\u904d\u5386\u5b50\u6d41\u5217\u8868\u65f6\uff0cMPTCP\u534f\u8bae\u5b58\u5728\u7a7a\u6307\u9488\u89e3\u5f15\u7528\uff0c\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u53d1\u8d77\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Linux kernel MPTCP\u534f\u8bae\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "Linux mptcp_protocol \u003c5.19"
},
"referenceLink": "https://github.com/torvalds/linux/commit/5c835bb142d4",
"serverity": "\u4e2d",
"submitTime": "2022-11-30",
"title": "Linux kernel MPTCP\u534f\u8bae\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}
CVE-2022-4128
Vulnerability from osv_almalinux
Published
2023-05-09 00:00
Modified
2023-05-12 03:34
Summary
Important: kernel security, bug fix, and enhancement update
Details
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
- use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c (CVE-2022-42896)
- net/ulp: use-after-free in listening ULP sockets (CVE-2023-0461)
- cpu: AMD CPUs may transiently execute beyond unconditional direct branch (CVE-2021-26341)
- malicious data for FBIOPUT_VSCREENINFO ioctl may cause OOB write memory (CVE-2021-33655)
- possible race condition in drivers/tty/tty_buffers.c (CVE-2022-1462)
- KVM: NULL pointer dereference in kvm_mmu_invpcid_gva (CVE-2022-1789)
- use-after-free in free_pipe_info() could lead to privilege escalation (CVE-2022-1882)
- KVM: nVMX: missing IBPB when exiting from nested guest can lead to Spectre v2 attacks (CVE-2022-2196)
- netfilter: nf_conntrack_irc message handling issue (CVE-2022-2663)
- race condition in xfrm_probe_algs can lead to OOB read/write (CVE-2022-3028)
- out-of-bounds read in fib_nh_match of the file net/ipv4/fib_semantics.c (CVE-2022-3435)
- race condition in hugetlb_no_page() in mm/hugetlb.c (CVE-2022-3522)
- memory leak in ipv6_renew_options() (CVE-2022-3524)
- data races around icsk->icsk_af_ops in do_ipv6_setsockopt (CVE-2022-3566)
- data races around sk->sk_prot (CVE-2022-3567)
- memory leak in l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c (CVE-2022-3619)
- denial of service in follow_page_pte in mm/gup.c due to poisoned pte entry (CVE-2022-3623)
- use-after-free after failed devlink reload in devlink_param_get (CVE-2022-3625)
- USB-accessible buffer overflow in brcmfmac (CVE-2022-3628)
- use after free flaw in l2cap_conn_del in net/bluetooth/l2cap_core.c (CVE-2022-3640)
- Double-free in split_2MB_gtt_entry when function intel_gvt_dma_map_guest_page failed (CVE-2022-3707)
- mptcp: NULL pointer dereference in subflow traversal at disconnect time (CVE-2022-4128)
- l2tp: missing lock when clearing sk_user_data can lead to NULL pointer dereference (CVE-2022-4129)
- igmp: use-after-free in ip_check_mc_rcu when opening and closing inet sockets (CVE-2022-20141)
- lockdown bypass using IMA (CVE-2022-21505)
- double free in usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c (CVE-2022-28388)
- network backend may cause Linux netfront to use freed SKBs (XSA-405) (CVE-2022-33743)
- unmap_mapping_range() race with munmap() on VM_PFNMAP mappings leads to stale TLB entry (CVE-2022-39188)
- TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED leading to guest malfunctioning (CVE-2022-39189)
- u8 overflow problem in cfg80211_update_notlisted_nontrans() (CVE-2022-41674)
- use-after-free related to leaf anon_vma double reuse (CVE-2022-42703)
- use-after-free in bss_ref_get in net/wireless/scan.c (CVE-2022-42720)
- BSS list corruption in cfg80211_add_nontrans_list in net/wireless/scan.c (CVE-2022-42721)
- Denial of service in beacon protection for P2P-device (CVE-2022-42722)
- memory corruption in usbmon driver (CVE-2022-43750)
- NULL pointer dereference in traffic control subsystem (CVE-2022-47929)
- NULL pointer dereference in rawv6_push_pending_frames (CVE-2023-0394)
- use-after-free due to race condition in qdisc_graft() (CVE-2023-0590)
- use-after-free caused by invalid pointer hostname in fs/cifs/connect.c (CVE-2023-1195)
- denial of service in tipc_conn_close (CVE-2023-1382)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "bpftool"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "7.0.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-64k"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-64k-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-64k-debug"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-64k-debug-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-64k-debug-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-64k-debug-devel-matched"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-64k-debug-modules"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-64k-debug-modules-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-64k-debug-modules-extra"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-64k-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-64k-devel-matched"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-64k-modules"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-64k-modules-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-64k-modules-extra"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-abi-stablelists"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-cross-headers"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-debug"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-debug-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-debug-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-debug-devel-matched"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-debug-modules"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-debug-modules-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-debug-modules-extra"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-debug-uki-virt"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-devel-matched"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-doc"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-modules"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-modules-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-modules-extra"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-tools"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-tools-libs"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-tools-libs-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-uki-virt"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-zfcpdump"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-zfcpdump-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-zfcpdump-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-zfcpdump-devel-matched"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-zfcpdump-modules"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-zfcpdump-modules-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-zfcpdump-modules-extra"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "perf"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "python3-perf"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "rtla"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c (CVE-2022-42896)\n* net/ulp: use-after-free in listening ULP sockets (CVE-2023-0461)\n* cpu: AMD CPUs may transiently execute beyond unconditional direct branch (CVE-2021-26341)\n* malicious data for FBIOPUT_VSCREENINFO ioctl may cause OOB write memory (CVE-2021-33655)\n* possible race condition in drivers/tty/tty_buffers.c (CVE-2022-1462)\n* KVM: NULL pointer dereference in kvm_mmu_invpcid_gva (CVE-2022-1789)\n* use-after-free in free_pipe_info() could lead to privilege escalation (CVE-2022-1882)\n* KVM: nVMX: missing IBPB when exiting from nested guest can lead to Spectre v2 attacks (CVE-2022-2196)\n* netfilter: nf_conntrack_irc message handling issue (CVE-2022-2663)\n* race condition in xfrm_probe_algs can lead to OOB read/write (CVE-2022-3028)\n* out-of-bounds read in fib_nh_match of the file net/ipv4/fib_semantics.c (CVE-2022-3435)\n* race condition in hugetlb_no_page() in mm/hugetlb.c (CVE-2022-3522)\n* memory leak in ipv6_renew_options() (CVE-2022-3524)\n* data races around icsk-\u003eicsk_af_ops in do_ipv6_setsockopt (CVE-2022-3566)\n* data races around sk-\u003esk_prot (CVE-2022-3567)\n* memory leak in l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c (CVE-2022-3619)\n* denial of service in follow_page_pte in mm/gup.c due to poisoned pte entry (CVE-2022-3623)\n* use-after-free after failed devlink reload in devlink_param_get (CVE-2022-3625)\n* USB-accessible buffer overflow in brcmfmac (CVE-2022-3628)\n* use after free flaw in l2cap_conn_del in net/bluetooth/l2cap_core.c (CVE-2022-3640)\n* Double-free in split_2MB_gtt_entry when function intel_gvt_dma_map_guest_page failed (CVE-2022-3707)\n* mptcp: NULL pointer dereference in subflow traversal at disconnect time (CVE-2022-4128)\n* l2tp: missing lock when clearing sk_user_data can lead to NULL pointer dereference (CVE-2022-4129)\n* igmp: use-after-free in ip_check_mc_rcu when opening and closing inet sockets (CVE-2022-20141)\n* lockdown bypass using IMA (CVE-2022-21505)\n* double free in usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c (CVE-2022-28388)\n* network backend may cause Linux netfront to use freed SKBs (XSA-405) (CVE-2022-33743)\n* unmap_mapping_range() race with munmap() on VM_PFNMAP mappings leads to stale TLB entry (CVE-2022-39188)\n* TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED leading to guest malfunctioning (CVE-2022-39189)\n* u8 overflow problem in cfg80211_update_notlisted_nontrans() (CVE-2022-41674)\n* use-after-free related to leaf anon_vma double reuse (CVE-2022-42703)\n* use-after-free in bss_ref_get in net/wireless/scan.c (CVE-2022-42720)\n* BSS list corruption in cfg80211_add_nontrans_list in net/wireless/scan.c (CVE-2022-42721)\n* Denial of service in beacon protection for P2P-device (CVE-2022-42722)\n* memory corruption in usbmon driver (CVE-2022-43750)\n* NULL pointer dereference in traffic control subsystem (CVE-2022-47929)\n* NULL pointer dereference in rawv6_push_pending_frames (CVE-2023-0394)\n* use-after-free due to race condition in qdisc_graft() (CVE-2023-0590)\n* use-after-free caused by invalid pointer hostname in fs/cifs/connect.c (CVE-2023-1195)\n* denial of service in tipc_conn_close (CVE-2023-1382)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.",
"id": "ALSA-2023:2458",
"modified": "2023-05-12T03:34:53Z",
"published": "2023-05-09T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2023:2458"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2021-26341"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2021-33655"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-1462"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-1789"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-1882"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-20141"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-21505"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-2196"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-2663"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-28388"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3028"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-33743"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3435"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3522"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3524"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3566"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3567"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3619"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3623"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3625"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3628"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3640"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3707"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-39188"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-39189"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-4128"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-4129"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-41674"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-42703"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-42720"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-42721"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-42722"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-42896"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-43750"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-47929"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-0394"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-0461"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-0590"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-1195"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-1382"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2061703"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2073091"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2078466"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2089701"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2090723"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2106830"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2107924"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2108691"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2114937"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2122228"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2123056"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2124788"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2130141"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2133483"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2133490"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2134377"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2134380"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2134451"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2134506"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2134517"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2134528"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2137979"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2139610"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2143893"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2143943"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2144720"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2147364"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2150947"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2150960"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2150979"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2151270"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2154171"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2154235"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2160023"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2162120"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2165721"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2165741"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2168246"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2176192"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2177371"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/9/ALSA-2023-2458.html"
}
],
"related": [
"CVE-2022-42896",
"CVE-2023-0461",
"CVE-2021-26341",
"CVE-2021-33655",
"CVE-2022-1462",
"CVE-2022-1789",
"CVE-2022-1882",
"CVE-2022-2196",
"CVE-2022-2663",
"CVE-2022-3028",
"CVE-2022-3435",
"CVE-2022-3522",
"CVE-2022-3524",
"CVE-2022-3566",
"CVE-2022-3567",
"CVE-2022-3619",
"CVE-2022-3623",
"CVE-2022-3625",
"CVE-2022-3628",
"CVE-2022-3640",
"CVE-2022-3707",
"CVE-2022-4128",
"CVE-2022-4129",
"CVE-2022-20141",
"CVE-2022-21505",
"CVE-2022-28388",
"CVE-2022-33743",
"CVE-2022-39188",
"CVE-2022-39189",
"CVE-2022-41674",
"CVE-2022-42703",
"CVE-2022-42720",
"CVE-2022-42721",
"CVE-2022-42722",
"CVE-2022-43750",
"CVE-2022-47929",
"CVE-2023-0394",
"CVE-2023-0590",
"CVE-2023-1195",
"CVE-2023-1382"
],
"summary": "Important: kernel security, bug fix, and enhancement update"
}
CVE-2022-4128
Vulnerability from osv_almalinux
Published
2023-05-09 00:00
Modified
2023-05-11 14:31
Summary
Important: kernel-rt security and bug fix update
Details
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
- use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c (CVE-2022-42896)
- net/ulp: use-after-free in listening ULP sockets (CVE-2023-0461)
- hw: cpu: AMD CPUs may transiently execute beyond unconditional direct branch (CVE-2021-26341)
- malicious data for FBIOPUT_VSCREENINFO ioctl may cause OOB write memory (CVE-2021-33655)
- possible race condition in drivers/tty/tty_buffers.c (CVE-2022-1462)
- KVM: NULL pointer dereference in kvm_mmu_invpcid_gva (CVE-2022-1789)
- use-after-free in free_pipe_info() could lead to privilege escalation (CVE-2022-1882)
- KVM: nVMX: missing IBPB when exiting from nested guest can lead to Spectre v2 attacks (CVE-2022-2196)
- netfilter: nf_conntrack_irc message handling issue (CVE-2022-2663)
- race condition in xfrm_probe_algs can lead to OOB read/write (CVE-2022-3028)
- out-of-bounds read in fib_nh_match of the file net/ipv4/fib_semantics.c (CVE-2022-3435)
- race condition in hugetlb_no_page() in mm/hugetlb.c (CVE-2022-3522)
- memory leak in ipv6_renew_options() (CVE-2022-3524)
- data races around icsk->icsk_af_ops in do_ipv6_setsockopt (CVE-2022-3566)
- data races around sk->sk_prot (CVE-2022-3567)
- memory leak in l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c (CVE-2022-3619)
- denial of service in follow_page_pte in mm/gup.c due to poisoned pte entry (CVE-2022-3623)
- use-after-free after failed devlink reload in devlink_param_get (CVE-2022-3625)
- USB-accessible buffer overflow in brcmfmac (CVE-2022-3628)
- use after free flaw in l2cap_conn_del in net/bluetooth/l2cap_core.c (CVE-2022-3640)
- Double-free in split_2MB_gtt_entry when function intel_gvt_dma_map_guest_page failed (CVE-2022-3707)
- mptcp: NULL pointer dereference in subflow traversal at disconnect time (CVE-2022-4128)
- l2tp: missing lock when clearing sk_user_data can lead to NULL pointer dereference (CVE-2022-4129)
- igmp: use-after-free in ip_check_mc_rcu when opening and closing inet sockets (CVE-2022-20141)
- lockdown bypass using IMA (CVE-2022-21505)
- double free in usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c (CVE-2022-28388)
- network backend may cause Linux netfront to use freed SKBs (XSA-405) (CVE-2022-33743)
- unmap_mapping_range() race with munmap() on VM_PFNMAP mappings leads to stale TLB entry (CVE-2022-39188)
- TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED leading to guest malfunctioning (CVE-2022-39189)
- u8 overflow problem in cfg80211_update_notlisted_nontrans() (CVE-2022-41674)
- use-after-free related to leaf anon_vma double reuse (CVE-2022-42703)
- use-after-free in bss_ref_get in net/wireless/scan.c (CVE-2022-42720)
- BSS list corruption in cfg80211_add_nontrans_list in net/wireless/scan.c (CVE-2022-42721)
- Denial of service in beacon protection for P2P-device (CVE-2022-42722)
- memory corruption in usbmon driver (CVE-2022-43750)
- NULL pointer dereference in traffic control subsystem (CVE-2022-47929)
- NULL pointer dereference in rawv6_push_pending_frames (CVE-2023-0394)
- use-after-free due to race condition in qdisc_graft() (CVE-2023-0590)
- use-after-free caused by invalid pointer hostname in fs/cifs/connect.c (CVE-2023-1195)
- denial of service in tipc_conn_close (CVE-2023-1382)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-rt"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.rt14.296.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-rt-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.rt14.296.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-rt-debug"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.rt14.296.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-rt-debug-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.rt14.296.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-rt-debug-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.rt14.296.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-rt-debug-kvm"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.rt14.296.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-rt-debug-modules"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.rt14.296.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-rt-debug-modules-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.rt14.296.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-rt-debug-modules-extra"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.rt14.296.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-rt-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.rt14.296.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-rt-kvm"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.rt14.296.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-rt-modules"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.rt14.296.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-rt-modules-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.rt14.296.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-rt-modules-extra"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-284.11.1.rt14.296.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c (CVE-2022-42896)\n* net/ulp: use-after-free in listening ULP sockets (CVE-2023-0461)\n* hw: cpu: AMD CPUs may transiently execute beyond unconditional direct branch (CVE-2021-26341)\n* malicious data for FBIOPUT_VSCREENINFO ioctl may cause OOB write memory (CVE-2021-33655)\n* possible race condition in drivers/tty/tty_buffers.c (CVE-2022-1462)\n* KVM: NULL pointer dereference in kvm_mmu_invpcid_gva (CVE-2022-1789)\n* use-after-free in free_pipe_info() could lead to privilege escalation (CVE-2022-1882)\n* KVM: nVMX: missing IBPB when exiting from nested guest can lead to Spectre v2 attacks (CVE-2022-2196)\n* netfilter: nf_conntrack_irc message handling issue (CVE-2022-2663)\n* race condition in xfrm_probe_algs can lead to OOB read/write (CVE-2022-3028)\n* out-of-bounds read in fib_nh_match of the file net/ipv4/fib_semantics.c (CVE-2022-3435)\n* race condition in hugetlb_no_page() in mm/hugetlb.c (CVE-2022-3522)\n* memory leak in ipv6_renew_options() (CVE-2022-3524)\n* data races around icsk-\u003eicsk_af_ops in do_ipv6_setsockopt (CVE-2022-3566)\n* data races around sk-\u003esk_prot (CVE-2022-3567)\n* memory leak in l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c (CVE-2022-3619)\n* denial of service in follow_page_pte in mm/gup.c due to poisoned pte entry (CVE-2022-3623)\n* use-after-free after failed devlink reload in devlink_param_get (CVE-2022-3625)\n* USB-accessible buffer overflow in brcmfmac (CVE-2022-3628)\n* use after free flaw in l2cap_conn_del in net/bluetooth/l2cap_core.c (CVE-2022-3640)\n* Double-free in split_2MB_gtt_entry when function intel_gvt_dma_map_guest_page failed (CVE-2022-3707)\n* mptcp: NULL pointer dereference in subflow traversal at disconnect time (CVE-2022-4128)\n* l2tp: missing lock when clearing sk_user_data can lead to NULL pointer dereference (CVE-2022-4129)\n* igmp: use-after-free in ip_check_mc_rcu when opening and closing inet sockets (CVE-2022-20141)\n* lockdown bypass using IMA (CVE-2022-21505)\n* double free in usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c (CVE-2022-28388)\n* network backend may cause Linux netfront to use freed SKBs (XSA-405) (CVE-2022-33743)\n* unmap_mapping_range() race with munmap() on VM_PFNMAP mappings leads to stale TLB entry (CVE-2022-39188)\n* TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED leading to guest malfunctioning (CVE-2022-39189)\n* u8 overflow problem in cfg80211_update_notlisted_nontrans() (CVE-2022-41674)\n* use-after-free related to leaf anon_vma double reuse (CVE-2022-42703)\n* use-after-free in bss_ref_get in net/wireless/scan.c (CVE-2022-42720)\n* BSS list corruption in cfg80211_add_nontrans_list in net/wireless/scan.c (CVE-2022-42721)\n* Denial of service in beacon protection for P2P-device (CVE-2022-42722)\n* memory corruption in usbmon driver (CVE-2022-43750)\n* NULL pointer dereference in traffic control subsystem (CVE-2022-47929)\n* NULL pointer dereference in rawv6_push_pending_frames (CVE-2023-0394)\n* use-after-free due to race condition in qdisc_graft() (CVE-2023-0590)\n* use-after-free caused by invalid pointer hostname in fs/cifs/connect.c (CVE-2023-1195)\n* denial of service in tipc_conn_close (CVE-2023-1382)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.",
"id": "ALSA-2023:2148",
"modified": "2023-05-11T14:31:35Z",
"published": "2023-05-09T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2023:2148"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2021-26341"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2021-33655"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-1462"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-1789"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-1882"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-20141"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-21505"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-2196"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-2663"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-28388"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3028"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-33743"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3435"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3522"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3524"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3566"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3567"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3619"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3623"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3625"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3628"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3640"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-3707"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-39188"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-39189"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-4128"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-4129"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-41674"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-42703"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-42720"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-42721"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-42722"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-42896"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-43750"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-47929"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-0394"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-0461"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-0590"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-1195"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-1382"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2061703"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2073091"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2078466"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2089701"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2090723"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2106830"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2107924"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2108691"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2114937"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2122228"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2123056"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2124788"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2130141"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2133483"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2133490"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2134377"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2134380"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2134451"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2134506"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2134517"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2134528"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2137979"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2139610"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2143893"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2143943"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2144720"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2147364"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2150947"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2150960"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2150979"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2151270"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2154171"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2154235"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2160023"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2162120"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2165721"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2165741"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2168246"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2176192"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2177371"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/9/ALSA-2023-2148.html"
}
],
"related": [
"CVE-2022-42896",
"CVE-2023-0461",
"CVE-2021-26341",
"CVE-2021-33655",
"CVE-2022-1462",
"CVE-2022-1789",
"CVE-2022-1882",
"CVE-2022-2196",
"CVE-2022-2663",
"CVE-2022-3028",
"CVE-2022-3435",
"CVE-2022-3522",
"CVE-2022-3524",
"CVE-2022-3566",
"CVE-2022-3567",
"CVE-2022-3619",
"CVE-2022-3623",
"CVE-2022-3625",
"CVE-2022-3628",
"CVE-2022-3640",
"CVE-2022-3707",
"CVE-2022-4128",
"CVE-2022-4129",
"CVE-2022-20141",
"CVE-2022-21505",
"CVE-2022-28388",
"CVE-2022-33743",
"CVE-2022-39188",
"CVE-2022-39189",
"CVE-2022-41674",
"CVE-2022-42703",
"CVE-2022-42720",
"CVE-2022-42721",
"CVE-2022-42722",
"CVE-2022-43750",
"CVE-2022-47929",
"CVE-2023-0394",
"CVE-2023-0590",
"CVE-2023-1195",
"CVE-2023-1382"
],
"summary": "Important: kernel-rt security and bug fix update"
}
CERTFR-2023-AVI-0393
Vulnerability from certfr_avis - Published: 2023-05-19 - Updated: 2023-05-19
De multiples vulnérabilités ont été découvertes dans le noyau Linux de RedHat. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Power, little endian 8 ppc64le | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for IBM z Systems 8 s390x | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Real Time for x86_64 - 4 years of updates 9.2 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for x86_64 8 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1 ppc64le | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Real Time 9 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Real Time for NFV for x86_64 - 4 years of updates 9.2 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for ARM 64 8 aarch64 | ||
| Red Hat | Red Hat CodeReady Linux Builder | Red Hat CodeReady Linux Builder for ARM 64 8 aarch64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Real Time for NFV 9 x86_64 | ||
| Red Hat | Red Hat CodeReady Linux Builder | Red Hat CodeReady Linux Builder for x86_64 8 x86_64 | ||
| Red Hat | Red Hat CodeReady Linux Builder | Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Red Hat Enterprise Linux for Power, little endian 8 ppc64le",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for IBM z Systems 8 s390x",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Real Time for x86_64 - 4 years of updates 9.2 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for x86_64 8 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1 ppc64le",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Real Time 9 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Real Time for NFV for x86_64 - 4 years of updates 9.2 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for ARM 64 8 aarch64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat CodeReady Linux Builder for ARM 64 8 aarch64",
"product": {
"name": "Red Hat CodeReady Linux Builder",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Real Time for NFV 9 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat CodeReady Linux Builder for x86_64 8 x86_64",
"product": {
"name": "Red Hat CodeReady Linux Builder",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le",
"product": {
"name": "Red Hat CodeReady Linux Builder",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-3707",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3707"
},
{
"name": "CVE-2023-1382",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1382"
},
{
"name": "CVE-2022-42720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42720"
},
{
"name": "CVE-2022-30594",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30594"
},
{
"name": "CVE-2023-0461",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0461"
},
{
"name": "CVE-2023-23454",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23454"
},
{
"name": "CVE-2022-47929",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-47929"
},
{
"name": "CVE-2022-3628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3628"
},
{
"name": "CVE-2022-4269",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4269"
},
{
"name": "CVE-2022-42703",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42703"
},
{
"name": "CVE-2022-39189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39189"
},
{
"name": "CVE-2022-3239",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3239"
},
{
"name": "CVE-2022-43750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43750"
},
{
"name": "CVE-2022-3435",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3435"
},
{
"name": "CVE-2022-3567",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3567"
},
{
"name": "CVE-2023-2513",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2513"
},
{
"name": "CVE-2022-3564",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3564"
},
{
"name": "CVE-2021-33656",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33656"
},
{
"name": "CVE-2023-1582",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1582"
},
{
"name": "CVE-2022-4129",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4129"
},
{
"name": "CVE-2022-41218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41218"
},
{
"name": "CVE-2022-2196",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2196"
},
{
"name": "CVE-2023-1390",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1390"
},
{
"name": "CVE-2022-42896",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42896"
},
{
"name": "CVE-2021-33655",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33655"
},
{
"name": "CVE-2022-1462",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1462"
},
{
"name": "CVE-2022-4128",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4128"
},
{
"name": "CVE-2022-2663",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2663"
},
{
"name": "CVE-2022-3524",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3524"
},
{
"name": "CVE-2022-39188",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39188"
},
{
"name": "CVE-2022-21505",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21505"
},
{
"name": "CVE-2022-3625",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3625"
},
{
"name": "CVE-2022-3640",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3640"
},
{
"name": "CVE-2022-42721",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42721"
},
{
"name": "CVE-2023-1195",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1195"
},
{
"name": "CVE-2022-20141",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20141"
},
{
"name": "CVE-2023-0394",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0394"
},
{
"name": "CVE-2021-26341",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26341"
},
{
"name": "CVE-2022-3522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3522"
},
{
"name": "CVE-2022-1679",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1679"
},
{
"name": "CVE-2022-3619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3619"
},
{
"name": "CVE-2022-25265",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25265"
},
{
"name": "CVE-2022-1789",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1789"
},
{
"name": "CVE-2022-28388",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28388"
},
{
"name": "CVE-2022-3623",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3623"
},
{
"name": "CVE-2022-33743",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33743"
},
{
"name": "CVE-2022-42722",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42722"
},
{
"name": "CVE-2022-3028",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3028"
},
{
"name": "CVE-2023-0590",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0590"
},
{
"name": "CVE-2022-3566",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3566"
},
{
"name": "CVE-2022-41674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41674"
},
{
"name": "CVE-2022-1882",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1882"
}
],
"initial_release_date": "2023-05-19T00:00:00",
"last_revision_date": "2023-05-19T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0393",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-05-19T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux de RedHat\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non\nsp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code arbitraire \u00e0 distance et\nun d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de RedHat",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2023:2148 du 09 mai 2023",
"url": "https://access.redhat.com/errata/RHSA-2023:2148"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2023:2951 du 16 mai 2023",
"url": "https://access.redhat.com/errata/RHSA-2023:2951"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2023:3190 du 17 mai 2023",
"url": "https://access.redhat.com/errata/RHSA-2023:3190"
}
]
}
CERTFR-2023-AVI-0383
Vulnerability from certfr_avis - Published: 2023-05-12 - Updated: 2023-05-12
De multiples vulnérabilités ont été découvertes dans le noyau Linux de RedHat. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Red Hat | Red Hat CodeReady Linux Builder | Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.2 aarch64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for ARM 64 9 aarch64 | ||
| Red Hat | Red Hat CodeReady Linux Builder | Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le | ||
| Red Hat | Red Hat CodeReady Linux Builder | Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.2 x86_64 | ||
| Red Hat | Red Hat CodeReady Linux Builder | Red Hat CodeReady Linux Builder for ARM 64 9 aarch64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.2 s390x | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.2 x86_64 | ||
| Red Hat | Red Hat CodeReady Linux Builder | Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.2 ppc64le | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.2 aarch64 | ||
| Red Hat | Red Hat CodeReady Linux Builder | Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.2 aarch64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for IBM z Systems 9 s390x | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - AUS 9.2 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.2 ppc64le | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Power, little endian 9 ppc64le | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.2 s390x | ||
| Red Hat | Red Hat CodeReady Linux Builder | Red Hat CodeReady Linux Builder for x86_64 9 x86_64 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for x86_64 9 x86_64 | ||
| Red Hat | Red Hat CodeReady Linux Builder | Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.2 s390x | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x",
"product": {
"name": "Red Hat CodeReady Linux Builder",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.2 aarch64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for ARM 64 9 aarch64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le",
"product": {
"name": "Red Hat CodeReady Linux Builder",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.2 x86_64",
"product": {
"name": "Red Hat CodeReady Linux Builder",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat CodeReady Linux Builder for ARM 64 9 aarch64",
"product": {
"name": "Red Hat CodeReady Linux Builder",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.2 s390x",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.2 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.2 ppc64le",
"product": {
"name": "Red Hat CodeReady Linux Builder",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.2 aarch64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.2 aarch64",
"product": {
"name": "Red Hat CodeReady Linux Builder",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for IBM z Systems 9 s390x",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server - AUS 9.2 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.2 ppc64le",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Power, little endian 9 ppc64le",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.2 s390x",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat CodeReady Linux Builder for x86_64 9 x86_64",
"product": {
"name": "Red Hat CodeReady Linux Builder",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for x86_64 9 x86_64",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.2 s390x",
"product": {
"name": "Red Hat CodeReady Linux Builder",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-3707",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3707"
},
{
"name": "CVE-2023-1382",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1382"
},
{
"name": "CVE-2022-42720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42720"
},
{
"name": "CVE-2023-0461",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0461"
},
{
"name": "CVE-2022-47929",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-47929"
},
{
"name": "CVE-2022-3628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3628"
},
{
"name": "CVE-2022-42703",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42703"
},
{
"name": "CVE-2022-39189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39189"
},
{
"name": "CVE-2022-43750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43750"
},
{
"name": "CVE-2022-3435",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3435"
},
{
"name": "CVE-2022-3567",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3567"
},
{
"name": "CVE-2022-4129",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4129"
},
{
"name": "CVE-2022-2196",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2196"
},
{
"name": "CVE-2022-42896",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42896"
},
{
"name": "CVE-2021-33655",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33655"
},
{
"name": "CVE-2022-1462",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1462"
},
{
"name": "CVE-2022-4128",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4128"
},
{
"name": "CVE-2022-2663",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2663"
},
{
"name": "CVE-2022-3524",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3524"
},
{
"name": "CVE-2022-39188",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39188"
},
{
"name": "CVE-2022-21505",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21505"
},
{
"name": "CVE-2022-3625",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3625"
},
{
"name": "CVE-2022-3640",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3640"
},
{
"name": "CVE-2022-42721",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42721"
},
{
"name": "CVE-2023-1195",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1195"
},
{
"name": "CVE-2022-20141",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20141"
},
{
"name": "CVE-2023-0394",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0394"
},
{
"name": "CVE-2021-26341",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26341"
},
{
"name": "CVE-2022-3522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3522"
},
{
"name": "CVE-2022-3619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3619"
},
{
"name": "CVE-2022-1789",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1789"
},
{
"name": "CVE-2022-28388",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28388"
},
{
"name": "CVE-2022-3623",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3623"
},
{
"name": "CVE-2022-33743",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33743"
},
{
"name": "CVE-2022-42722",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42722"
},
{
"name": "CVE-2022-3028",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3028"
},
{
"name": "CVE-2023-0590",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0590"
},
{
"name": "CVE-2022-3566",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3566"
},
{
"name": "CVE-2022-41674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41674"
},
{
"name": "CVE-2022-1882",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1882"
}
],
"initial_release_date": "2023-05-12T00:00:00",
"last_revision_date": "2023-05-12T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0383",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-05-12T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux de RedHat\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non\nsp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, un d\u00e9ni de service \u00e0 distance et un\ncontournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de RedHat",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2023:2458 du 09 mai 2023",
"url": "https://access.redhat.com/errata/RHSA-2023:2458"
}
]
}
GSD-2022-4128
Vulnerability from gsd - Updated: 2023-12-13 01:19Details
A NULL pointer dereference issue was discovered in the Linux kernel in the MPTCP protocol when traversing the subflow list at disconnect time. A local user could use this flaw to potentially crash the system causing a denial of service.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2022-4128",
"description": "A NULL pointer dereference issue was discovered in the Linux kernel in the MPTCP protocol when traversing the subflow list at disconnect time. A local user could use this flaw to potentially crash the system causing a denial of service.",
"id": "GSD-2022-4128",
"references": [
"https://www.suse.com/security/cve/CVE-2022-4128.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2022-4128"
],
"details": "A NULL pointer dereference issue was discovered in the Linux kernel in the MPTCP protocol when traversing the subflow list at disconnect time. A local user could use this flaw to potentially crash the system causing a denial of service.",
"id": "GSD-2022-4128",
"modified": "2023-12-13T01:19:15.408833Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2022-4128",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Linux kernel (mptcp)",
"version": {
"version_data": [
{
"version_value": "Fixed in 5.19"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A NULL pointer dereference issue was discovered in the Linux kernel in the MPTCP protocol when traversing the subflow list at disconnect time. A local user could use this flaw to potentially crash the system causing a denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-476"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lore.kernel.org/netdev/20220708233610.410786-2-mathew.j.martineau@linux.intel.com/",
"refsource": "MISC",
"url": "https://lore.kernel.org/netdev/20220708233610.410786-2-mathew.j.martineau@linux.intel.com/"
},
{
"name": "https://github.com/torvalds/linux/commit/5c835bb142d4",
"refsource": "MISC",
"url": "https://github.com/torvalds/linux/commit/5c835bb142d4"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:mptcp_protocol:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.19",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2022-4128"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A NULL pointer dereference issue was discovered in the Linux kernel in the MPTCP protocol when traversing the subflow list at disconnect time. A local user could use this flaw to potentially crash the system causing a denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/torvalds/linux/commit/5c835bb142d4",
"refsource": "MISC",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://github.com/torvalds/linux/commit/5c835bb142d4"
},
{
"name": "https://lore.kernel.org/netdev/20220708233610.410786-2-mathew.j.martineau@linux.intel.com/",
"refsource": "MISC",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://lore.kernel.org/netdev/20220708233610.410786-2-mathew.j.martineau@linux.intel.com/"
}
]
}
},
"impact": {
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
},
"lastModifiedDate": "2022-12-01T17:59Z",
"publishedDate": "2022-11-28T22:15Z"
}
}
}
GHSA-4V8V-PR95-RHX7
Vulnerability from github – Published: 2022-11-29 00:30 – Updated: 2025-04-14 18:31
VLAI?
Details
A NULL pointer dereference issue was discovered in the Linux kernel in the MPTCP protocol when traversing the subflow list at disconnect time. A local user could use this flaw to potentially crash the system causing a denial of service.
Severity ?
5.5 (Medium)
{
"affected": [],
"aliases": [
"CVE-2022-4128"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-11-28T22:15:00Z",
"severity": "MODERATE"
},
"details": "A NULL pointer dereference issue was discovered in the Linux kernel in the MPTCP protocol when traversing the subflow list at disconnect time. A local user could use this flaw to potentially crash the system causing a denial of service.",
"id": "GHSA-4v8v-pr95-rhx7",
"modified": "2025-04-14T18:31:41Z",
"published": "2022-11-29T00:30:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4128"
},
{
"type": "WEB",
"url": "https://github.com/torvalds/linux/commit/5c835bb142d4"
},
{
"type": "WEB",
"url": "https://lore.kernel.org/netdev/20220708233610.410786-2-mathew.j.martineau%40linux.intel.com"
},
{
"type": "WEB",
"url": "https://lore.kernel.org/netdev/20220708233610.410786-2-mathew.j.martineau@linux.intel.com"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
FKIE_CVE-2022-4128
Vulnerability from fkie_nvd - Published: 2022-11-28 22:15 - Updated: 2025-06-25 20:57
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
A NULL pointer dereference issue was discovered in the Linux kernel in the MPTCP protocol when traversing the subflow list at disconnect time. A local user could use this flaw to potentially crash the system causing a denial of service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| linux | linux_kernel | 5.19 | |
| linux | linux_kernel | 5.19 | |
| linux | linux_kernel | 5.19 | |
| linux | linux_kernel | 5.19 | |
| linux | linux_kernel | 5.19 | |
| linux | linux_kernel | 5.19 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6521F7AB-7512-4630-A607-5010A8253592",
"versionEndIncluding": "5.18",
"versionStartIncluding": "5.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.19:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A8C30C2D-F82D-4D37-AB48-D76ABFBD5377",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.19:rc2:*:*:*:*:*:*",
"matchCriteriaId": "BF8547FC-C849-4F1B-804B-A93AE2F04A92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.19:rc3:*:*:*:*:*:*",
"matchCriteriaId": "F3068028-F453-4A1C-B80F-3F5609ACEF60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.19:rc4:*:*:*:*:*:*",
"matchCriteriaId": "2E9C0DB0-D349-489F-A3D6-B77214E93A8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.19:rc5:*:*:*:*:*:*",
"matchCriteriaId": "1A0DE3B7-0FFB-45AA-9BD6-19870CA7C6FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.19:rc6:*:*:*:*:*:*",
"matchCriteriaId": "00AE778B-BAEE-49EB-9F84-003B73D7862A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A NULL pointer dereference issue was discovered in the Linux kernel in the MPTCP protocol when traversing the subflow list at disconnect time. A local user could use this flaw to potentially crash the system causing a denial of service."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema de desreferencia de puntero NULL en el kernel de Linux en el protocolo MPTCP al atravesar la lista de subflujo en el momento de la desconexi\u00f3n. Un usuario local podr\u00eda utilizar esta falla para bloquear potencialmente el sistema y provocar una Denegaci\u00f3n de Servicio (DoS)."
}
],
"id": "CVE-2022-4128",
"lastModified": "2025-06-25T20:57:22.500",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2022-11-28T22:15:11.117",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://github.com/torvalds/linux/commit/5c835bb142d4"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://lore.kernel.org/netdev/20220708233610.410786-2-mathew.j.martineau%40linux.intel.com/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://github.com/torvalds/linux/commit/5c835bb142d4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://lore.kernel.org/netdev/20220708233610.410786-2-mathew.j.martineau%40linux.intel.com/"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…