CVE-2022-1195

Опубликовано: 08 нояб. 2021

Источник: redhat

CVSS3: 5.5

EPSS Низкий

Описание

A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio. This flaw allows a local attacker with a user privilege to cause a denial of service (DOS) when the mkiss or sixpack device is detached and reclaim resources early.

Отчет

There was no shipped kernel version that was seen affected by this problem. These files are not built in our source code.

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 6	kernel	Not affected
Red Hat Enterprise Linux 7	kernel	Not affected
Red Hat Enterprise Linux 7	kernel-rt	Not affected
Red Hat Enterprise Linux 8	kernel	Not affected
Red Hat Enterprise Linux 8	kernel-rt	Not affected
Red Hat Enterprise Linux 9	kernel	Not affected
Red Hat Enterprise Linux 9	kernel-rt	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-362->CWE-416

https://bugzilla.redhat.com/show_bug.cgi?id=2056381kernel: A possible race condition (use-after-free) in drivers/net/hamradio/6pack ( mkiss.c) after unregister_netdev

EPSS

Процентиль: 3%

0.00016

Низкий

5.5 Medium

CVSS3

Связанные уязвимости

CVE-2022-1195

CVSS3: 5.5

ubuntu

почти 4 года назад

CVE-2022-1195

CVSS3: 5.5

nvd

почти 4 года назад

CVE-2022-1195

CVSS3: 5.5

msrc

больше 3 лет назад

Описание отсутствует

CVE-2022-1195

CVSS3: 5.5

debian

почти 4 года назад

A use-after-free vulnerability was found in the Linux kernel in driver ...

GHSA-f78j-377g-3x3m

CVSS3: 5.5

github

почти 4 года назад

EPSS

Процентиль: 3%

0.00016

Низкий

5.5 Medium

CVSS3