Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2022-4128HistoryNov 28, 2022 - 10:15 p.m.
CVE-2022-4128
2022-11-2822:15:11
Debian Security Bug Tracker
security-tracker.debian.org
45
linux kernel
mptcp protocol
subflow list
disconnect time
denial of service
local user
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
0.0004 Low
EPSS
Percentile
5.1%
A NULL pointer dereference issue was discovered in the Linux kernel in the MPTCP protocol when traversing the subflow list at disconnect time. A local user could use this flaw to potentially crash the system causing a denial of service.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | linux | < 5.18.14-1 | linux_5.18.14-1_all.deb |
| Debian | 11 | all | linux | < 5.10.218-1 | linux_5.10.218-1_all.deb |
| Debian | 999 | all | linux | < 5.18.14-1 | linux_5.18.14-1_all.deb |
| Debian | 13 | all | linux | < 5.18.14-1 | linux_5.18.14-1_all.deb |
Related
cvelist
cvelist
CVE-2022-4128
2022-11-28 00:00:00
nvd
nvd
CVE-2022-4128
2022-11-28 22:15:11
cve
cve
CVE-2022-4128
2022-11-28 22:15:11
prion
prion
Null pointer dereference
2022-11-28 22:15:00
ubuntucve
ubuntucve
CVE-2022-4128
2022-11-28 00:00:00
redhatcve
redhatcve
CVE-2022-4128
2022-11-23 11:26:12
cnvd
cnvd
Linux kernel MPTCP protocol denial of service vulnerability
2022-11-30 00:00:00
nessus
nessus
Oracle Linux 9 : kernel (ELSA-2023-2458)
2023-05-15 00:00:00
RHEL 9 : kernel-rt (RHSA-2023:2148)
2023-05-13 00:00:00
RHEL 9 : kernel (RHSA-2023:2458)
2023-05-13 00:00:00
almalinux
almalinux
Important: kernel security, bug fix, and enhancement update
2023-05-09 00:00:00
Important: kernel-rt security and bug fix update
2023-05-09 00:00:00
oraclelinux
oraclelinux
kernel security, bug fix, and enhancement update
2023-05-15 00:00:00
osv
osv
Important: kernel security, bug fix, and enhancement update
2023-05-09 00:00:00
Important: kernel-rt security and bug fix update
2023-05-09 00:00:00
redhat
redhat
(RHSA-2023:2148) Important: kernel-rt security and bug fix update
2023-05-09 05:01:55
(RHSA-2023:2458) Important: kernel security, bug fix, and enhancement update
2023-05-09 05:11:22
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
0.0004 Low
EPSS
Percentile
5.1%
Related for DEBIANCVE:CVE-2022-4128