Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2022-3625

Опубликовано: 21 окт. 2022
Источник: nvd
CVSS3: 4.6
CVSS3: 7.8
EPSS Низкий

Описание

A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211929 was assigned to this vulnerability.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 4.19 (включая) до 5.4.211 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 5.5 (включая) до 5.10.138 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 5.11 (включая) до 5.15.63 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 5.16 (включая) до 5.19.4 (исключая)
Конфигурация 2
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

EPSS

Процентиль: 2%
0.00015
Низкий

4.6 Medium

CVSS3

7.8 High

CVSS3

Дефекты

CWE-119
CWE-416

Связанные уязвимости

ubuntu логотип

CVE-2022-3625

CVSS3: 4.6
ubuntu
больше 2 лет назад

A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211929 was assigned to this vulnerability.

redhat логотип

CVE-2022-3625

CVSS3: 7.8
redhat
почти 3 года назад

A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211929 was assigned to this vulnerability.

debian логотип

CVE-2022-3625

CVSS3: 4.6
debian
больше 2 лет назад

A vulnerability was found in Linux Kernel. It has been classified as c ...

github логотип

GHSA-69vv-8r9h-g8x5

CVSS3: 7.8
github
больше 2 лет назад

A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211929 was assigned to this vulnerability.

fstec логотип

BDU:2022-06616

CVSS3: 7.8
fstec
почти 3 года назад

Уязвимость функции devlink_param_set/devlink_param_get (net/core/devlink.c) компонента IPsec ядра операционной системы Linux, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 2%
0.00015
Низкий

4.6 Medium

CVSS3

7.8 High

CVSS3

Дефекты

CWE-119
CWE-416