Lucene search

CVE-2022-3113

🗓️ 14 Dec 2022 21:12:15Reported by redhatType

cve🔗 web.nvd.nist.gov👁 69 Views🌐 WEB

An issue in Linux kernel 5.16-rc6 allows null pointer dereference

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 32
UbuntuCve	CVE-2022-3113	14 Dec 202200:00	–	ubuntucve
RedhatCVE	CVE-2022-3113	13 Dec 202222:12	–	redhatcve
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2022-3113	5 Mar 202500:00	–	nessus
Tenable Nessus	CBL Mariner 2.0 Security Update: kernel (CVE-2022-3113)	20 Mar 202300:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2024-40973	5 Mar 202500:00	–	nessus
Tenable Nessus	SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2023:0147-1)	26 Jan 202300:00	–	nessus
Tenable Nessus	SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2023:0146-1)	26 Jan 202300:00	–	nessus
Tenable Nessus	SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2023:0149-1)	26 Jan 202300:00	–	nessus
Tenable Nessus	Photon OS 4.0: Linux PHSA-2021-4.0-0065	22 Jul 202100:00	–	nessus
CBLMariner	CVE-2022-3113 affecting package kernel 5.10.155.1-1	27 Dec 202217:56	–	cbl_mariner

Nvd

Vulners

Node

linux linux_kernelRange<5.16.0

linux linux_kernelMatch5.16.0-

linux linux_kernelMatch5.16.0rc1

linux linux_kernelMatch5.16.0rc2

linux linux_kernelMatch5.16.0rc3

linux linux_kernelMatch5.16.0rc4

linux linux_kernelMatch5.16.0rc5

linux linux_kernelMatch5.16.0rc6

[
  {
    "vendor": "n/a",
    "product": "Kernel",
    "versions": [
      {
        "version": "Linux 5.16-rc6",
        "status": "affected"
      }
    ]
  }
]

Source	Link
git	www.git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/
bugzilla	www.bugzilla.redhat.com/show_bug.cgi

Parameter	Position	Path	Description	CWE
serv	request body	/app/options.py	Unauthenticated command injection vulnerability in Roxy-WI prior to version 6.1.1.0 allowing remote code execution.	CWE-476
ipbackend	request body	/app/options.py	Unauthenticated command injection vulnerability in Roxy-WI prior to version 6.1.1.0 allowing remote code execution.	CWE-476
alert_consumer	request body	/app/options.py	Unauthenticated command injection vulnerability in Roxy-WI prior to version 6.1.1.0 allowing remote code execution.	CWE-476
backend_server	request body	/app/options.py	Unauthenticated command injection vulnerability in Roxy-WI prior to version 6.1.1.0 allowing remote code execution.	CWE-476

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

14 Dec 2022 21:15Current

5.3Medium risk

Vulners AI Score5.3

CVSS35.5

EPSS0.01203

SSVC

CWE-476