← Back

CVE-2022-28388

nvd nist
Published: Apr 3, 2022Modified: May 5, 2025

JSON object

Loading...
5.5
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Exploitability: 1.8 / Impact: 3.6
Source: NVD

Description

usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double free.

Affected (14)

Show all products
Linux: Linux Kernel · Debian: Debian Linux · Fedoraproject: Fedora · Netapp: H300s Firmware, H500s Firmware, H700s Firmware, H300e Firmware, H500e Firmware, H700e Firmware, H410s Firmware, H410c Firmware
Linux
1 product
Linux Kernel
Debian
1 product
Debian Linux
Fedoraproject
1 product
Fedora
Netapp
8 products
H300s Firmware
H500s Firmware
H700s Firmware
H300e Firmware
H500e Firmware
H700e Firmware
H410s Firmware
H410c Firmware
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Linux Kernel
Up to 5.17.1
Configuration B
5 vulnerable
Vulnerable SoftwareAffected Versions
Debian
Debian Linux
Version 10.0
Debian Linux
Version 11.0
Fedoraproject
Fedora
Version 34
Fedora
Version 35
Fedora
Version 36
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
H300s Firmware
All versions
Running on/withPlatform Versions
Netapp
H300s
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
H500s Firmware
All versions
Running on/withPlatform Versions
Netapp
H500s
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
H700s Firmware
All versions
Running on/withPlatform Versions
Netapp
H700s
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
H300e Firmware
All versions
Running on/withPlatform Versions
Netapp
H300e
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
H500e Firmware
All versions
Running on/withPlatform Versions
Netapp
H500e
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
H700e Firmware
All versions
Running on/withPlatform Versions
Netapp
H700e
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
H410s Firmware
All versions
Running on/withPlatform Versions
Netapp
H410s
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
H410c Firmware
All versions
Running on/withPlatform Versions
Netapp
H410c
All versions

Related CWEs

CWE-415
Double Free
The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

References (14)

Source: cve@mitre.org
PatchThird Party Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

Timeline

No history available yet.