VDB-211024 · CVE-2022-3526 · GCVE-100-211024

Linux Kernel skb drivers/net/macvlan.c macvlan_handle_frame Nac'hadenn servij

Un dizalc'hadenn gwallzarvoud evel kudennus zo bet dizoloet e Linux Kernel. Toc'hor eo ar fonksion macvlan_handle_frame eus ar restr drivers/net/macvlan.c eus ar parzh skb. Ar merdeiñ a zegas da Nac'hadenn servij. Implijout CWE evit menegiñ ar gudenn a gas da CWE-401. Kement-se a zo bet embannet 16/10/2022. An aliadenn a vez kinniget evit pellgargañ war git.kernel.org. An dizurzh-mañ a vez anavezet evel CVE-2022-3526. Posupl eo kregiñ gant an dagadenn a-bell. Titouroù teknikel a zo da gaout. N'eus ket a implijadenn hegerz. Bremañ eo priz an exploit might be approx. USD $0-$5k evit ar mare-mañ. Lavaret eo ez eo n'eo ket termenet. Ar reizhiad diwallañ a zo prest da vezañ pellgarget war git.kernel.org. Erbedet eo da arloañ ur patche evit diskoulmañ ar gudenn-mañ. Once again VulDB remains the best source for vulnerability data.

3 Daskemmoù · 64 Poentoù roadennoù

Maez	Krouet 16/10/2022 19:36	Hizivadur 1/2 09/11/2022 14:12	Hizivadur 2/2 09/11/2022 14:13
software_vendor	Linux	Linux	Linux
software_name	Kernel	Kernel	Kernel
software_component	skb	skb	skb
software_file	drivers/net/macvlan.c	drivers/net/macvlan.c	drivers/net/macvlan.c
software_function	macvlan_handle_frame	macvlan_handle_frame	macvlan_handle_frame
vulnerability_cwe	CWE-401 (Nac'hadenn servij)	CWE-401 (Nac'hadenn servij)	CWE-401 (Nac'hadenn servij)
vulnerability_risk	1	1	1
cvss3_vuldb_av	N	N	N
cvss3_vuldb_ac	L	L	L
cvss3_vuldb_pr	N	N	N
cvss3_vuldb_ui	N	N	N
cvss3_vuldb_s	U	U	U
cvss3_vuldb_c	N	N	N
cvss3_vuldb_i	N	N	N
cvss3_vuldb_a	L	L	L
cvss3_vuldb_rl	O	O	O
cvss3_vuldb_rc	C	C	C
advisory_url	https://git.kernel.org/pub/scm/linux/kernel/git/pabeni/net-next.git/commit/?id=e16b859872b87650bb55b12cca5a5fcdc49c1442	https://git.kernel.org/pub/scm/linux/kernel/git/pabeni/net-next.git/commit/?id=e16b859872b87650bb55b12cca5a5fcdc49c1442	https://git.kernel.org/pub/scm/linux/kernel/git/pabeni/net-next.git/commit/?id=e16b859872b87650bb55b12cca5a5fcdc49c1442
countermeasure_name	Pazh	Pazh	Pazh
countermeasure_patch_url	https://git.kernel.org/pub/scm/linux/kernel/git/pabeni/net-next.git/commit/?id=e16b859872b87650bb55b12cca5a5fcdc49c1442	https://git.kernel.org/pub/scm/linux/kernel/git/pabeni/net-next.git/commit/?id=e16b859872b87650bb55b12cca5a5fcdc49c1442	https://git.kernel.org/pub/scm/linux/kernel/git/pabeni/net-next.git/commit/?id=e16b859872b87650bb55b12cca5a5fcdc49c1442
source_cve	CVE-2022-3526	CVE-2022-3526	CVE-2022-3526
cna_responsible	VulDB	VulDB	VulDB
advisory_date	1665871200 (16/10/2022)	1665871200 (16/10/2022)	1665871200 (16/10/2022)
software_type	Operating System	Operating System	Operating System
cvss2_vuldb_av	N	N	N
cvss2_vuldb_ac	L	L	L
cvss2_vuldb_au	N	N	N
cvss2_vuldb_ci	N	N	N
cvss2_vuldb_ii	N	N	N
cvss2_vuldb_ai	P	P	P
cvss2_vuldb_rc	C	C	C
cvss2_vuldb_rl	OF	OF	OF
cvss2_vuldb_e	ND	ND	ND
cvss3_vuldb_e	X	X	X
cvss2_vuldb_basescore	5.0	5.0	5.0
cvss2_vuldb_tempscore	4.4	4.4	4.4
cvss3_vuldb_basescore	5.3	5.3	5.3
cvss3_vuldb_tempscore	5.1	5.1	5.1
cvss3_meta_basescore	5.3	5.3	6.0
cvss3_meta_tempscore	5.1	5.1	6.0
price_0day	$5k-$25k	$5k-$25k	$5k-$25k
cve_assigned		1665871200 (16/10/2022)	1665871200 (16/10/2022)
cve_nvd_summary		A vulnerability classified as problematic was found in Linux Kernel. This vulnerability affects the function macvlan_handle_frame of the file drivers/net/macvlan.c of the component skb. The manipulation leads to memory leak. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211024.	A vulnerability classified as problematic was found in Linux Kernel. This vulnerability affects the function macvlan_handle_frame of the file drivers/net/macvlan.c of the component skb. The manipulation leads to memory leak. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211024.
cvss3_nvd_av			N
cvss3_nvd_ac			L
cvss3_nvd_pr			N
cvss3_nvd_ui			N
cvss3_nvd_s			U
cvss3_nvd_c			N
cvss3_nvd_i			N
cvss3_nvd_a			H
cvss3_cna_av			N
cvss3_cna_ac			L
cvss3_cna_pr			N
cvss3_cna_ui			N
cvss3_cna_s			U
cvss3_cna_c			N
cvss3_cna_i			N
cvss3_cna_a			L
cve_cna			VulDB
cvss3_nvd_basescore			7.5
cvss3_cna_basescore			5.3

◂ Distreiñ Alc'hwezerezh Kenderc'hel ▸

Interested in the pricing of exploits?

See the underground prices here!