CVE-2022-3435

2022-10-0800:00:00

ubuntu.com

linux kernel

fib_nh_match

out-of-bounds read

remote attack

patch

vdb-210357

ipv4 handler

vulnerability

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

0.002 Low

EPSS

Percentile

58.8%

JSON

A vulnerability classified as problematic has been found in Linux Kernel.
This affects the function fib_nh_match of the file net/ipv4/fib_semantics.c
of the component IPv4 Handler. The manipulation leads to out-of-bounds
read. It is possible to initiate the attack remotely. It is recommended to
apply a patch to fix this issue. The identifier VDB-210357 was assigned to
this vulnerability.

OSVersionArchitecturePackageVersionFilename
ubuntu20.04noarchlinux< 5.4.0-144.161UNKNOWN
ubuntu22.04noarchlinux< 5.15.0-67.74UNKNOWN
ubuntu22.10noarchlinux< 5.19.0-35.36UNKNOWN
ubuntu23.04noarchlinux< 6.1.0-16.16UNKNOWN
ubuntu20.04noarchlinux-aws< 5.4.0-1097.105UNKNOWN
ubuntu22.04noarchlinux-aws< 5.15.0-1031.35UNKNOWN
ubuntu22.10noarchlinux-aws< 5.19.0-1020.21UNKNOWN
ubuntu20.04noarchlinux-aws-5.15< 5.15.0-1031.35~20.04.1UNKNOWN
ubuntu18.04noarchlinux-aws-5.4< 5.4.0-1097.105~18.04.1UNKNOWN
ubuntu20.04noarchlinux-azure< 5.4.0-1104.110UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	20.04	noarch	linux	< 5.4.0-144.161	UNKNOWN
ubuntu	22.04	noarch	linux	< 5.15.0-67.74	UNKNOWN
ubuntu	22.10	noarch	linux	< 5.19.0-35.36	UNKNOWN
ubuntu	23.04	noarch	linux	< 6.1.0-16.16	UNKNOWN
ubuntu	20.04	noarch	linux-aws	< 5.4.0-1097.105	UNKNOWN
ubuntu	22.04	noarch	linux-aws	< 5.15.0-1031.35	UNKNOWN
ubuntu	22.10	noarch	linux-aws	< 5.19.0-1020.21	UNKNOWN
ubuntu	20.04	noarch	linux-aws-5.15	< 5.15.0-1031.35~20.04.1	UNKNOWN
ubuntu	18.04	noarch	linux-aws-5.4	< 5.4.0-1097.105~18.04.1	UNKNOWN
ubuntu	20.04	noarch	linux-azure	< 5.4.0-1104.110	UNKNOWN