VulDBCVELIST:CVE-2022-3545CVE-2022-3545 Linux Kernel IPsec nfp_cppcore.c area_cache_get use after free
5.5 Medium
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
8 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
14.3%
A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211045 was assigned to this vulnerability.
CNA Affected
[
{
"vendor": "Linux",
"product": "Kernel",
"versions": [
{
"version": "n/a",
"status": "affected"
}
]
}
]References
git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=02e1a114fdb71e59ee6770294166c30d437bf86a
lists.debian.org/debian-lts-announce/2023/03/msg00000.html
lists.debian.org/debian-lts-announce/2023/05/msg00006.html
security.netapp.com/advisory/ntap-20221223-0003/
vuldb.com/?id.211045
www.debian.org/security/2023/dsa-5324
Related
5.5 Medium
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
8 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
14.3%