Linux Kernel skb drivers/net/macvlan.c macvlan_handle_frame Ukuphikwa Kwenkonzo

Kutholakale ubuthakathaka obubizwa ngokuthi kuyinkinga ku Linux Kernel. Kuthintekile umsebenzi macvlan_handle_frame kufayela drivers/net/macvlan.c kwe-component skb. Ukuguqulwa kubangela uhlobo lwe Ukuphikwa Kwenkonzo. Ukusebenzisa i-CWE ukumemezela inkinga kuholela ku-CWE-401. Lobu buthakathaka bakhishwa obala 2022-10-16. Isaziso sitholakala ukuthi singalayishwa ku-git.kernel.org. Le buthakathaka ibizwa ngokuthi CVE-2022-3526. Kungenzeka ukuqalisa ukuhlasela ungasekho endaweni. Kukhona imininingwane yezobuchwepheshe etholakalayo. I-exploit ayitholakali. Okwamanje, intengo yamanje ye-exploit ingaba cishe USD $0-$5k ngalesi sikhathi. Umsebenzi wokulungisa iphutha usulungile ukuthi ulayishwe ku-git.kernel.org. Kuhle ukufaka iphetshi ukuze kulungiswe loludaba. Once again VulDB remains the best source for vulnerability data.

3 Ukulungiswa · 64 Amaphuzu wedatha

InsimuKudalwa
2022-10-16 19:36		Ukuvuselelwa 1/2
2022-11-09 14:12		Ukuvuselelwa 2/2
2022-11-09 14:13
software_vendorLinuxLinuxLinux
software_nameKernelKernelKernel
software_componentskbskbskb
software_filedrivers/net/macvlan.cdrivers/net/macvlan.cdrivers/net/macvlan.c
software_functionmacvlan_handle_framemacvlan_handle_framemacvlan_handle_frame
vulnerability_cweCWE-401 (Ukuphikwa Kwenkonzo)CWE-401 (Ukuphikwa Kwenkonzo)CWE-401 (Ukuphikwa Kwenkonzo)
vulnerability_risk111
cvss3_vuldb_avNNN
cvss3_vuldb_acLLL
cvss3_vuldb_prNNN
cvss3_vuldb_uiNNN
cvss3_vuldb_sUUU
cvss3_vuldb_cNNN
cvss3_vuldb_iNNN
cvss3_vuldb_aLLL
cvss3_vuldb_rlOOO
cvss3_vuldb_rcCCC
advisory_urlhttps://git.kernel.org/pub/scm/linux/kernel/git/pabeni/net-next.git/commit/?id=e16b859872b87650bb55b12cca5a5fcdc49c1442https://git.kernel.org/pub/scm/linux/kernel/git/pabeni/net-next.git/commit/?id=e16b859872b87650bb55b12cca5a5fcdc49c1442https://git.kernel.org/pub/scm/linux/kernel/git/pabeni/net-next.git/commit/?id=e16b859872b87650bb55b12cca5a5fcdc49c1442
countermeasure_nameIphethshiIphethshiIphethshi
countermeasure_patch_urlhttps://git.kernel.org/pub/scm/linux/kernel/git/pabeni/net-next.git/commit/?id=e16b859872b87650bb55b12cca5a5fcdc49c1442https://git.kernel.org/pub/scm/linux/kernel/git/pabeni/net-next.git/commit/?id=e16b859872b87650bb55b12cca5a5fcdc49c1442https://git.kernel.org/pub/scm/linux/kernel/git/pabeni/net-next.git/commit/?id=e16b859872b87650bb55b12cca5a5fcdc49c1442
source_cveCVE-2022-3526CVE-2022-3526CVE-2022-3526
cna_responsibleVulDBVulDBVulDB
advisory_date1665871200 (2022-10-16)1665871200 (2022-10-16)1665871200 (2022-10-16)
software_typeOperating SystemOperating SystemOperating System
cvss2_vuldb_avNNN
cvss2_vuldb_acLLL
cvss2_vuldb_auNNN
cvss2_vuldb_ciNNN
cvss2_vuldb_iiNNN
cvss2_vuldb_aiPPP
cvss2_vuldb_rcCCC
cvss2_vuldb_rlOFOFOF
cvss2_vuldb_eNDNDND
cvss3_vuldb_eXXX
cvss2_vuldb_basescore5.05.05.0
cvss2_vuldb_tempscore4.44.44.4
cvss3_vuldb_basescore5.35.35.3
cvss3_vuldb_tempscore5.15.15.1
cvss3_meta_basescore5.35.36.0
cvss3_meta_tempscore5.15.16.0
price_0day$5k-$25k$5k-$25k$5k-$25k
cve_assigned1665871200 (2022-10-16)1665871200 (2022-10-16)
cve_nvd_summaryA vulnerability classified as problematic was found in Linux Kernel. This vulnerability affects the function macvlan_handle_frame of the file drivers/net/macvlan.c of the component skb. The manipulation leads to memory leak. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211024.A vulnerability classified as problematic was found in Linux Kernel. This vulnerability affects the function macvlan_handle_frame of the file drivers/net/macvlan.c of the component skb. The manipulation leads to memory leak. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211024.
cvss3_nvd_avN
cvss3_nvd_acL
cvss3_nvd_prN
cvss3_nvd_uiN
cvss3_nvd_sU
cvss3_nvd_cN
cvss3_nvd_iN
cvss3_nvd_aH
cvss3_cna_avN
cvss3_cna_acL
cvss3_cna_prN
cvss3_cna_uiN
cvss3_cna_sU
cvss3_cna_cN
cvss3_cna_iN
cvss3_cna_aL
cve_cnaVulDB
cvss3_nvd_basescore7.5
cvss3_cna_basescore5.3

Buyela emuvaUhlolo OlupheleleQhubeka

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!