CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
14.2%
A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211045 was assigned to this vulnerability.
Vendor | Product | Version | CPE |
---|---|---|---|
linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
netapp | h410c | - | cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:* |
netapp | h410c_firmware | - | cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:* |
netapp | h300s | - | cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:* |
netapp | h300s_firmware | - | cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:* |
netapp | h500s | - | cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:* |
netapp | h500s_firmware | - | cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:* |
netapp | h700s | - | cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:* |
netapp | h700s_firmware | - | cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:* |
netapp | h410s | - | cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:* |
git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=02e1a114fdb71e59ee6770294166c30d437bf86a
lists.debian.org/debian-lts-announce/2023/03/msg00000.html
lists.debian.org/debian-lts-announce/2023/05/msg00006.html
security.netapp.com/advisory/ntap-20221223-0003/
vuldb.com/?id.211045
www.debian.org/security/2023/dsa-5324