← voltar
CVE-2022-3625

Linux Kernel IPsec devlink.c devlink_param_get use after free

CVSS 4.6 MEDIUMEPSS 0.3%CWE-119
A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211929 was assigned to this vulnerability.
CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Produtos afetados
Linux · Kernel

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=6b4db2e528f650c7fb712961aac36455468d5902https://lists.debian.org/debian-lts-announce/2022/11/msg00001.htmlhttps://vuldb.com/?id.211929