Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatcveRedhat.comRH:CVE-2022-48757
HistoryJun 20, 2024 - 2:52 p.m.

CVE-2022-48757

2024-06-2014:52:59
redhat.com
access.redhat.com
2
linux kernel
net namespace
information leakage
/proc/net/ptype
cve-2022-48757

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

13.1%

JSON

In the Linux kernel, the following vulnerability has been resolved: net: fix information leakage in /proc/net/ptype In one net namespace, after creating a packet socket without binding it to a device, users in other net namespaces can observe the new packet_type added by this packet socket by reading /proc/net/ptype file. This is minor information leakage as packet socket is namespace aware. Add a net pointer in packet_type to keep the net namespace of of corresponding packet socket. In ptype_seq_show, this net pointer must be checked when it is not NULL.

Related

cvelist 1
cve 1
nvd 1
debiancve 1
ubuntucve 1
cvelist
cvelist
CVE-2022-48757 net: fix information leakage in /proc/net/ptype
2024-06-20 11:13:36
cve
cve
CVE-2022-48757
2024-06-20 12:15:13
nvd
nvd
CVE-2022-48757
2024-06-20 12:15:13
debiancve
debiancve
CVE-2022-48757
2024-06-20 12:15:13
ubuntucve
ubuntucve
CVE-2022-48757
2024-06-20 00:00:00

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

13.1%

JSON
Related for RH:CVE-2022-48757
cvelist1cve1nvd1debiancve1ubuntucve1