Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2022-41858

Опубликовано: 05 апр. 2022
Источник: redhat
CVSS3: 7.1
EPSS Низкий

Описание

A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information.

Меры по смягчению последствий

This flaw can be mitigated by preventing the affected slip driver from loading during the boot time, and ensuring the module is added to the blacklist file.

Refer: How do I blacklist a kernel module to prevent it from loading automatically? https://access.redhat.com/solutions/41278

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelOut of support scope
Red Hat Enterprise Linux 7kernel-rtOut of support scope
Red Hat Enterprise Linux 9kernel-rtAffected
Red Hat Enterprise Linux 8kernel-rtFixedRHSA-2024:088120.02.2024
Red Hat Enterprise Linux 8kernelFixedRHSA-2024:089720.02.2024
Red Hat Enterprise Linux 8.2 Advanced Update SupportkernelFixedRHSA-2024:126812.03.2024
Red Hat Enterprise Linux 8.2 Telecommunications Update Servicekernel-rtFixedRHSA-2024:126912.03.2024
Red Hat Enterprise Linux 8.2 Telecommunications Update ServicekernelFixedRHSA-2024:126812.03.2024
Red Hat Enterprise Linux 8.2 Update Services for SAP SolutionskernelFixedRHSA-2024:126812.03.2024

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-416
https://bugzilla.redhat.com/show_bug.cgi?id=2144379kernel: null-ptr-deref vulnerabilities in sl_tx_timeout in drivers/net/slip

EPSS

Процентиль: 1%
0.0001
Низкий

7.1 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2022-41858

CVSS3: 7.1
ubuntu
больше 2 лет назад

A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information.

nvd логотип

CVE-2022-41858

CVSS3: 7.1
nvd
больше 2 лет назад

A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information.

msrc логотип

CVE-2022-41858

CVSS3: 7.1
msrc
больше 2 лет назад

Описание отсутствует

debian логотип

CVE-2022-41858

CVSS3: 7.1
debian
больше 2 лет назад

A flaw was found in the Linux kernel. A NULL pointer dereference may o ...

github логотип

GHSA-5r4m-496r-7wqm

CVSS3: 7.1
github
больше 2 лет назад

A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information.

EPSS

Процентиль: 1%
0.0001
Низкий

7.1 High

CVSS3

Уязвимость CVE-2022-41858