Lucene search

K
nvd[email protected]NVD:CVE-2022-1012
HistoryAug 05, 2022 - 4:15 p.m.

CVE-2022-1012

2022-08-0516:15:11
CWE-401
web.nvd.nist.gov
1
memory leak
tcp source port
information leak
denial of service

8.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

0.001 Low

EPSS

Percentile

46.7%

A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem.

Affected configurations

NVD
Node
linuxlinux_kernelRange<5.18
OR
linuxlinux_kernelMatch5.18-
OR
linuxlinux_kernelMatch5.18rc1
OR
linuxlinux_kernelMatch5.18rc2
OR
linuxlinux_kernelMatch5.18rc3
OR
linuxlinux_kernelMatch5.18rc4
OR
linuxlinux_kernelMatch5.18rc5

8.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

0.001 Low

EPSS

Percentile

46.7%