5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.2 Medium
AI Score
Confidence
High
1.7 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:N/I:N/A:P
0.0004 Low
EPSS
Percentile
13.3%
An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.
CPE | Name | Operator | Version |
---|---|---|---|
linux | eq | 2.6.26-rc9 | |
linux | eq | 3.19-rc5 | |
linux | eq | 5.12-rc4 | |
linux | eq | 2.6.19-rc6 | |
linux | eq | 3.19-rc2 | |
linux | eq | 5.2-rc2 | |
linux | eq | 2.6.30-rc2 | |
linux | eq | 3.19 | |
linux | eq | 4.10-rc2 | |
linux | eq | 2.6.34-rc4 |
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=f85daf0e725358be78dfd208dea5fd665d8cb901
github.com/torvalds/linux/commit/f85daf0e725358be78dfd208dea5fd665d8cb901
lists.debian.org/debian-lts-announce/2022/09/msg00011.html
lists.debian.org/debian-lts-announce/2022/10/msg00000.html
security.netapp.com/advisory/ntap-20220901-0007/
www.debian.org/security/2022/dsa-5207
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.2 Medium
AI Score
Confidence
High
1.7 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:N/I:N/A:P
0.0004 Low
EPSS
Percentile
13.3%