← Back

CVE-2022-3028

nvd nist
Published: Aug 31, 2022Modified: Nov 21, 2024

JSON object

Loading...
7.0
Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.0 / Impact: 5.9
Source: NVD

Description

A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket.

Affected (13)

Linux
1 product
Linux Kernel
Fedoraproject
1 product
Fedora
Debian
1 product
Debian Linux
Configuration A
9 vulnerable
Vulnerable SoftwareAffected Versions
Linux
Linux Kernel
From 3.14 to 4.9.327
Linux Kernel
From 4.10 to 4.14.292
Linux Kernel
From 4.15 to 4.19.257
Linux Kernel
From 4.20 to 5.4.212
Linux Kernel
From 5.11 to 5.15.64
Linux Kernel
From 5.16 to 5.19.6
Linux Kernel
From 5.5 to 5.10.140
Linux Kernel
Version 6.0 rc1
Linux Kernel
Version 6.0 rc2
Configuration B
3 vulnerable
Vulnerable SoftwareAffected Versions
Fedoraproject
Fedora
Version 35
Fedora
Version 36
Fedora
Version 37
Configuration C
1 vulnerable
Vulnerable SoftwareAffected Versions
Debian Linux
Version 10.0

Related CWEs

CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
The product contains a code sequence that can run concurrently with other code, and the code sequence requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence that is operating concurrently.
CWE-667
Improper Locking
The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.
CWE-787
Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.

References (16)

Source: secalert@redhat.com
PatchThird Party Advisory
Source: secalert@redhat.com
Mailing ListThird Party Advisory
Source: secalert@redhat.com
Mailing ListThird Party Advisory
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

Timeline

No history available yet.