exploitDog

CVE-2022-36946

Опубликовано: 27 июл. 2022

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len.

Ссылки

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=99a63d36cb3ed5ca3aa6fcb64cffbeaf3b0fb164
https://lists.debian.org/debian-lts-announce/2022/09/msg00011.html
Mailing List
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html
Mailing List
Third Party Advisory
https://marc.info/?l=netfilter-devel&m=165883202007292&w=2
Mailing List
Patch
Third Party Advisory
https://security.netapp.com/advisory/ntap-20220901-0007/
Third Party Advisory
https://www.debian.org/security/2022/dsa-5207
Third Party Advisory
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=99a63d36cb3ed5ca3aa6fcb64cffbeaf3b0fb164
https://lists.debian.org/debian-lts-announce/2022/09/msg00011.html
Mailing List
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html
Mailing List
Third Party Advisory
https://marc.info/?l=netfilter-devel&m=165883202007292&w=2
Mailing List
Patch
Third Party Advisory
https://security.netapp.com/advisory/ntap-20220901-0007/
Third Party Advisory
https://www.debian.org/security/2022/dsa-5207
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 2.6.14 (включая) до 4.9.326 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 4.10 (включая) до 4.14.291 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 4.15 (включая) до 4.19.255 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 4.20 (включая) до 5.4.209 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 5.5 (включая) до 5.10.135 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 5.11 (включая) до 5.15.59 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 5.16 (включая) до 5.18.16 (исключая)

Конфигурация 2

Одно из

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

Конфигурация 3

Одно из

cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*

cpe:2.3:a:netapp:solidfire_\&_hci_management_node:-:*:*:*:*:*:*:*

cpe:2.3:a:netapp:solidfire_\&_hci_storage_node:-:*:*:*:*:*:*:*

cpe:2.3:a:netapp:solidfire_enterprise_sds:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*

EPSS

Процентиль: 89%

0.04985

Низкий

7.5 High

CVSS3

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

CVE-2022-36946

CVSS3: 7.5

ubuntu

почти 3 года назад

nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len.

CVE-2022-36946

CVSS3: 6.2

redhat

почти 3 года назад

nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len.

CVE-2022-36946

CVSS3: 7.5

msrc

почти 3 года назад

Описание отсутствует

CVE-2022-36946

CVSS3: 7.5

debian

почти 3 года назад

nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel th ...

GHSA-m6jf-p94r-8589

CVSS3: 7.5

github

почти 3 года назад

nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len.

EPSS

Процентиль: 89%

0.04985

Низкий

7.5 High

CVSS3

Дефекты

NVD-CWE-noinfo