Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debiancveDebian Security Bug TrackerDEBIANCVE:CVE-2022-3643
HistoryDec 07, 2022 - 1:15 a.m.

CVE-2022-3643

2022-12-0701:15:00
Debian Security Bug Tracker
security-tracker.debian.org
12

6.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

1.7 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:S/C:N/I:N/A:P

0.0004 Low

EPSS

Percentile

13.3%

JSON

Guests can trigger NIC interface reset/abort/crash via netback It is possible for a guest to trigger a NIC interface reset/abort/crash in a Linux based network backend by sending certain kinds of packets. It appears to be an (unwritten?) assumption in the rest of the Linux network stack that packet protocol headers are all contained within the linear section of the SKB and some NICs behave badly if this is not the case. This has been reported to occur with Cisco (enic) and Broadcom NetXtrem II BCM5780 (bnx2x) though it may be an issue with other NICs/drivers as well. In case the frontend is sending requests with split headers, netback will forward those violating above mentioned assumption to the networking core, resulting in said misbehavior.

Related

xen 1
ubuntucve 1
cve 1
photon 4
prion 1
veracode 1
redhatcve 1
citrix 1
nessus 40
osv 20
ubuntu 20
openvas 37
mageia 3
amazon 3
ics 1
debian 2
slackware 1
xen
xen
Guests can trigger NIC interface reset/abort/crash via netback
2022-12-06 15:15:00
ubuntucve
ubuntucve
CVE-2022-3643
2022-12-07 00:00:00
cve
cve
CVE-2022-3643
2022-12-07 01:15:00
photon
photon
Critical Photon OS Security Update - PHSA-2022-0507
2022-12-21 00:00:00
Critical Photon OS Security Update - PHSA-2022-0547
2022-12-10 00:00:00
Important Photon OS Security Update - PHSA-2022-3.0-0507
2022-12-21 00:00:00
prion
prion
Design/Logic Flaw
2022-12-07 01:15:00
veracode
veracode
Denial Of Service (DoS)
2023-01-17 18:59:27
redhatcve
redhatcve
CVE-2022-3643
2023-01-04 16:03:38
citrix
citrix
Citrix Hypervisor Security Bulletin for CVE-2022-3643, CVE-2022-42328 & CVE-2022-42329
2022-12-19 11:47:45
nessus
nessus
Ubuntu 16.04 ESM : Linux kernel vulnerabilities (USN-5802-1)
2023-01-12 00:00:00
Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5813-1)
2023-01-20 00:00:00
Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel (Raspberry Pi) vulnerabilities (USN-5829-1)
2023-01-26 00:00:00
osv
osv
linux-aws-5.4, linux-gkeop, linux-hwe-5.4, linux-oracle, linux-snapdragon vulnerabilities
2023-01-19 17:44:32
linux-aws, linux-gcp-4.15 vulnerabilities
2023-01-13 19:11:37
linux-azure, linux-azure-5.4, linux-raspi2 vulnerabilities
2023-01-27 18:49:52
ubuntu
ubuntu
Linux kernel (Raspberry Pi) vulnerabilities
2023-01-25 00:00:00
Linux kernel vulnerabilities
2023-01-12 00:00:00
Linux kernel vulnerabilities
2023-01-19 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-5794-1)
2023-01-09 00:00:00
Ubuntu: Security Advisory (USN-5830-1)
2023-01-30 00:00:00
Ubuntu: Security Advisory (USN-5814-1)
2023-01-20 00:00:00
mageia
mageia
Updated kernel-linus packages fix security vulnerabilities
2022-12-18 02:55:57
Updated kernel packages fix security vulnerabilities
2022-12-18 02:55:57
Updated kernel-linus packages fix security vulnerabilities
2023-01-22 23:39:23
amazon
amazon
Important: kernel
2023-03-17 15:53:00
Important: kernel
2023-02-03 19:19:00
Important: kernel
2023-02-03 19:19:00
ics
ics
​Siemens SIMATIC MV500 Devices
2023-07-13 12:00:00
debian
debian
[SECURITY] [DLA 3244-1] linux-5.10 security update
2022-12-22 13:40:03
[SECURITY] [DLA 3245-1] linux security update
2022-12-23 22:16:58
slackware
slackware
[slackware-security] Slackware 15.0 kernel
2023-02-18 02:15:39

6.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

1.7 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:S/C:N/I:N/A:P

0.0004 Low

EPSS

Percentile

13.3%

JSON
Related for DEBIANCVE:CVE-2022-3643
xen1ubuntucve1cve1photon4prion1veracode1redhatcve1citrix1nessus40osv20ubuntu20openvas37mageia3amazon3ics1debian2slackware1