Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2022-0322

Опубликовано: 25 мар. 2022
Источник: nvd
CVSS3: 5.5
CVSS2: 2.1
EPSS Низкий

Описание

A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUG_ON issue, leading to a denial of service (DOS).

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия до 5.15 (исключая)
cpe:2.3:o:linux:linux_kernel:5.15:-:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.15:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.15:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.15:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.15:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.15:rc5:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
Конфигурация 3

Одно из

cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*

EPSS

Процентиль: 2%
0.00016
Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-681
CWE-704

Связанные уязвимости

ubuntu логотип

CVE-2022-0322

CVSS3: 5.5
ubuntu
около 3 лет назад

A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUG_ON issue, leading to a denial of service (DOS).

redhat логотип

CVE-2022-0322

CVSS3: 5.5
redhat
больше 3 лет назад

A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUG_ON issue, leading to a denial of service (DOS).

msrc логотип

CVE-2022-0322

CVSS3: 5.5
msrc
около 3 лет назад

Описание отсутствует

debian логотип

CVE-2022-0322

CVSS3: 5.5
debian
около 3 лет назад

A flaw was found in the sctp_make_strreset_req function in net/sctp/sm ...

github логотип

GHSA-g6mc-765r-fwwj

CVSS3: 5.5
github
около 3 лет назад

A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUG_ON issue, leading to a denial of service (DOS).

EPSS

Процентиль: 2%
0.00016
Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-681
CWE-704