CVE-2022-3624

2022-10-2106:15:09

CWE-401

CWE-404

VulDB

web.nvd.nist.gov

linux kernel

vulnerability

rlb_arp_xmit

memory leak

patch

ipsec

vdb-211928

CVSS3

3.5

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

AI Score

3.9

Confidence

High

EPSS

Percentile

12.6%

JSON

A vulnerability was found in Linux Kernel and classified as problematic. Affected by this issue is the function rlb_arp_xmit of the file drivers/net/bonding/bond_alb.c of the component IPsec. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211928.

Affected configurations

Nvd

Node

linuxlinux_kernelMatch-

VendorProductVersionCPE
linuxlinux_kernel-cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
linux	linux_kernel	-	cpe:2.3:o:linux:linux_kernel:-:::::::*

CNA Affected

[
  {
    "vendor": "Linux",
    "product": "Kernel",
    "versions": [
      {
        "version": "n/a",
        "status": "affected"
      }
    ]
  }
]