CVE-2022-1671

Опубликовано: 26 июл. 2022

Источник: nvd

CVSS3: 7.1

EPSS Низкий

Описание

A NULL pointer dereference flaw was found in rxrpc_preparse_s in net/rxrpc/server_key.c in the Linux kernel. This flaw allows a local attacker to crash the system or leak internal kernel information.

Ссылки

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ff8376ade4f668130385839cef586a0990f8ef87
Mailing List
Patch
Third Party Advisory
https://security.netapp.com/advisory/ntap-20220901-0004/
Third Party Advisory
https://security.netapp.com/advisory/ntap-20220901-0008/
Third Party Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ff8376ade4f668130385839cef586a0990f8ef87
Mailing List
Patch
Third Party Advisory
https://security.netapp.com/advisory/ntap-20220901-0004/
Third Party Advisory
https://security.netapp.com/advisory/ntap-20220901-0008/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 5.11 (включая) до 5.15.33 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 5.16 (включая) до 5.16.19 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 5.17 (включая) до 5.17.2 (исключая)

Конфигурация 2

Одновременно

cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*

Конфигурация 3

Одновременно

cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*

Конфигурация 4

Одновременно

cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*

Конфигурация 5

Одновременно

cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*

Конфигурация 6

Одновременно

cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*

EPSS

Процентиль: 37%

0.00158

Низкий

7.1 High

CVSS3

Дефекты

CWE-476

Связанные уязвимости

CVE-2022-1671

CVSS3: 7.1

ubuntu

больше 3 лет назад

A NULL pointer dereference flaw was found in rxrpc_preparse_s in net/rxrpc/server_key.c in the Linux kernel. This flaw allows a local attacker to crash the system or leak internal kernel information.

CVE-2022-1671

CVSS3: 7.1

redhat

почти 4 года назад

A NULL pointer dereference flaw was found in rxrpc_preparse_s in net/rxrpc/server_key.c in the Linux kernel. This flaw allows a local attacker to crash the system or leak internal kernel information.

CVE-2022-1671

CVSS3: 7.1

msrc

больше 3 лет назад

A NULL pointer dereference flaw was found in rxrpc_preparse_s in net/rxrpc/server_key.c in the Linux kernel. This flaw allows a local attacker to crash the system or leak internal kernel information.

CVE-2022-1671

CVSS3: 7.1

debian

больше 3 лет назад

A NULL pointer dereference flaw was found in rxrpc_preparse_s in net/r ...

GHSA-vv47-5mh5-w3hq

CVSS3: 7.1

github

больше 3 лет назад

A NULL pointer dereference flaw was found in rxrpc_preparse_s in net/rxrpc/server_key.c in the Linux kernel. This flaw allows a local attacker to crash the system or leak internal kernel information.

EPSS

Процентиль: 37%

0.00158

Низкий

7.1 High

CVSS3

Дефекты

CWE-476