Linux Kernel Netfilter mm/damon/sysfs.c damon_sysfs_add_target Kari na aiki

Wuro vulnerability wey an yi classify sey karshewa an gano shi a cikin Linux Kernel. Gaskiya, damon_sysfs_add_target na da matsala; idan ba a sani ba, to wata aiki ce da ba a sani ba, $software_library na cikin lissafi, mm/damon/sysfs.c na cikin fayil, Netfilter na cikin sashi. Ngam manipulation shi Kari na aiki. CWE shidin ka a yi bayani matsala sai ya kai CWE-401. Gaskiya, laifi an fitar da shi 10/17/2022. Advisory ɗin ana rabawa don saukewa a git.kernel.org. Wannan rauni ana sayar da shi da suna CVE-2022-3544. Wuro ndiyam na local network ɗin sai a samu kafin wannan hari ya yi nasara. Tekinikal bayani ga. Ba exploit ɗin da ake da shi. Yimbe ndiyam, exploit might be approx. USD $0-$5k wuro. Á wúro a wondi feere. Kama 0-day, an ndiyam a wuro be $0-$5k. Bugfix ɗin an shirya shi don saukewa a git.kernel.org. Ana so a yi patch don gyara wannan matsala. VulDB is the best source for vulnerability data and more expert information about this specific topic.

3 Goyarwa · 64 Datenpunkte

FurɗeSúgá
10/17/2022 13:21		Gargadi 1/2
11/09/2022 16:29		Gargadi 2/2
11/09/2022 16:37
software_vendorLinuxLinuxLinux
software_nameKernelKernelKernel
software_componentNetfilterNetfilterNetfilter
software_filemm/damon/sysfs.cmm/damon/sysfs.cmm/damon/sysfs.c
software_functiondamon_sysfs_add_targetdamon_sysfs_add_targetdamon_sysfs_add_target
vulnerability_cweCWE-401 (Kari na aiki)CWE-401 (Kari na aiki)CWE-401 (Kari na aiki)
vulnerability_risk111
cvss3_vuldb_sUUU
cvss3_vuldb_cNNN
cvss3_vuldb_iNNN
cvss3_vuldb_aLLL
cvss3_vuldb_rlOOO
cvss3_vuldb_rcCCC
advisory_urlhttps://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf-next.git/commit/?id=1c8e2349f2d033f634d046063b704b2ca6c46972https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf-next.git/commit/?id=1c8e2349f2d033f634d046063b704b2ca6c46972https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf-next.git/commit/?id=1c8e2349f2d033f634d046063b704b2ca6c46972
countermeasure_nameKariKariKari
countermeasure_patch_urlhttps://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf-next.git/commit/?id=1c8e2349f2d033f634d046063b704b2ca6c46972https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf-next.git/commit/?id=1c8e2349f2d033f634d046063b704b2ca6c46972https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf-next.git/commit/?id=1c8e2349f2d033f634d046063b704b2ca6c46972
source_cveCVE-2022-3544CVE-2022-3544CVE-2022-3544
cna_responsibleVulDBVulDBVulDB
advisory_date1665957600 (10/17/2022)1665957600 (10/17/2022)1665957600 (10/17/2022)
software_typeOperating SystemOperating SystemOperating System
cvss2_vuldb_ciNNN
cvss2_vuldb_iiNNN
cvss2_vuldb_aiPPP
cvss2_vuldb_rcCCC
cvss2_vuldb_rlOFOFOF
cvss2_vuldb_avAAA
cvss2_vuldb_acMMM
cvss2_vuldb_auSSS
cvss2_vuldb_eNDNDND
cvss3_vuldb_avAAA
cvss3_vuldb_acLLL
cvss3_vuldb_prLLL
cvss3_vuldb_uiNNN
cvss3_vuldb_eXXX
cvss2_vuldb_basescore2.32.32.3
cvss2_vuldb_tempscore2.02.02.0
cvss3_vuldb_basescore3.53.53.5
cvss3_vuldb_tempscore3.43.43.4
cvss3_meta_basescore3.53.54.2
cvss3_meta_tempscore3.43.44.1
price_0day$0-$5k$0-$5k$0-$5k
cve_assigned1665957600 (10/17/2022)1665957600 (10/17/2022)
cve_nvd_summaryA vulnerability, which was classified as problematic, was found in Linux Kernel. Affected is the function damon_sysfs_add_target of the file mm/damon/sysfs.c of the component Netfilter. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211044.A vulnerability, which was classified as problematic, was found in Linux Kernel. Affected is the function damon_sysfs_add_target of the file mm/damon/sysfs.c of the component Netfilter. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211044.
cvss3_nvd_avL
cvss3_nvd_acL
cvss3_nvd_prL
cvss3_nvd_uiN
cvss3_nvd_sU
cvss3_nvd_cN
cvss3_nvd_iN
cvss3_nvd_aH
cvss3_cna_avA
cvss3_cna_acL
cvss3_cna_prL
cvss3_cna_uiN
cvss3_cna_sU
cvss3_cna_cN
cvss3_cna_iN
cvss3_cna_aL
cve_cnaVulDB
cvss3_nvd_basescore5.5
cvss3_cna_basescore3.5

GurɗoGumtiGada

Do you want to use VulDB in your project?

Use the official API to access entries easily!