Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2022-36879

Опубликовано: 02 июн. 2022
Источник: redhat
CVSS3: 5.5
EPSS Низкий

Описание

An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.

A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). An error while resolving policies in xfrm_bundle_lookup causes the refcount to drop twice, leading to a possible crash and a denial of service.

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6kernelOut of support scope
Red Hat Enterprise Linux 7kernelOut of support scope
Red Hat Enterprise Linux 7kernel-rtOut of support scope
Red Hat Enterprise Linux 8kernel-rtFixedRHSA-2023:273616.05.2023
Red Hat Enterprise Linux 8kernelFixedRHSA-2023:295116.05.2023
Red Hat Enterprise Linux 8.6 Extended Update SupportkernelFixedRHSA-2023:562710.10.2023
Red Hat Enterprise Linux 9kernelFixedRHSA-2023:245809.05.2023
Red Hat Enterprise Linux 9kernel-rtFixedRHSA-2023:214809.05.2023
Red Hat Enterprise Linux 9kernelFixedRHSA-2023:245809.05.2023
Red Hat Enterprise Linux 9.0 Extended Update SupportkernelFixedRHSA-2024:043225.01.2024

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-911
https://bugzilla.redhat.com/show_bug.cgi?id=2119855kernel: xfrm_expand_policies() in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice

EPSS

Процентиль: 9%
0.00036
Низкий

5.5 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2022-36879

CVSS3: 5.5
ubuntu
почти 3 года назад

An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.

nvd логотип

CVE-2022-36879

CVSS3: 5.5
nvd
почти 3 года назад

An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.

msrc логотип

CVE-2022-36879

CVSS3: 5.5
msrc
почти 3 года назад

Описание отсутствует

debian логотип

CVE-2022-36879

CVSS3: 5.5
debian
почти 3 года назад

An issue was discovered in the Linux kernel through 5.18.14. xfrm_expa ...

github логотип

GHSA-wwxv-fc92-xrw3

CVSS3: 5.5
github
почти 3 года назад

An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.

EPSS

Процентиль: 9%
0.00036
Низкий

5.5 Medium

CVSS3

Уязвимость CVE-2022-36879