CVE-2022-4379

Опубликовано: 10 янв. 2023

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial

Ссылки

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=75333d48f92256a0dec91dbf07835e804fc411c0
Patch
Vendor Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=aeba12b26c79fc35e07e511f692a8907037d95da
Patch
Vendor Advisory
https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html
Mailing List
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LECFVUHKIRBV5JJBE3KQCLGKNYJPBRCN/
Mailing List
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RAVD6JIILAVSRHZ4VXSV3RAAGUXKVXZA/
Mailing List
Third Party Advisory
https://seclists.org/oss-sec/2022/q4/185
Mailing List
Third Party Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=75333d48f92256a0dec91dbf07835e804fc411c0
Patch
Vendor Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=aeba12b26c79fc35e07e511f692a8907037d95da
Patch
Vendor Advisory
https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html
Mailing List
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LECFVUHKIRBV5JJBE3KQCLGKNYJPBRCN/
Mailing List
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RAVD6JIILAVSRHZ4VXSV3RAAGUXKVXZA/
Mailing List
Third Party Advisory
https://seclists.org/oss-sec/2022/q4/185
Mailing List
Third Party Advisory
https://security.netapp.com/advisory/ntap-20230223-0004/

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 5.6 (включая) до 5.10.177 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 5.11 (включая) до 5.15.105 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 5.16 (включая) до 6.1.3 (исключая)

Конфигурация 2

Одно из

cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*

EPSS

Процентиль: 67%

0.00549

Низкий

7.5 High

CVSS3

Дефекты

CWE-416

Связанные уязвимости

CVE-2022-4379

CVSS3: 7.5

ubuntu

почти 3 года назад

A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial

CVE-2022-4379

CVSS3: 7.5

redhat

почти 3 года назад

A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial

CVE-2022-4379

CVSS3: 7.5

msrc

почти 3 года назад

A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial

CVE-2022-4379

CVSS3: 7.5

debian

почти 3 года назад

A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/n ...

SUSE-SU-2023:0320-1

suse-cvrf

почти 3 года назад

Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP4)

EPSS

Процентиль: 67%

0.00549

Низкий

7.5 High

CVSS3

Дефекты

CWE-416