9.1

CVE-2022-0742

Memory leak in ICMP6 in Linux Kernel

Memory leak in icmp6 implementation in Linux Kernel 5.13+ allows a remote attacker to DoS a host by making it go out-of-memory via icmp6 packets of type 130 or 131. We recommend upgrading past commit 2d3916f3189172d5c69d33065c3c21119fe539fc.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.13 < 5.15.27
LinuxLinux Kernel Version >= 5.16 < 5.16.13
LinuxLinux Kernel Version5.17 Updaterc1
LinuxLinux Kernel Version5.17 Updaterc2
LinuxLinux Kernel Version5.17 Updaterc3
LinuxLinux Kernel Version5.17 Updaterc4
LinuxLinux Kernel Version5.17 Updaterc5
LinuxLinux Kernel Version5.17 Updaterc6
NetappA400 Firmware Version-
   NetappA400 Version-
NetappAff 8300 Firmware Version-
   NetappAff 8300 Version-
NetappAff 8700 Firmware Version-
   NetappAff 8700 Version-
NetappFas 8300 Firmware Version-
   NetappFas 8300 Version-
NetappFas 8700 Firmware Version-
   NetappFas 8700 Version-
NetappH300e Firmware Version-
   NetappH300e Version-
NetappH300s Firmware Version-
   NetappH300s Version-
NetappH410c Firmware Version-
   NetappH410c Version-
NetappH410s Firmware Version-
   NetappH410s Version-
NetappH500e Firmware Version-
   NetappH500e Version-
NetappH500s Firmware Version-
   NetappH500s Version-
NetappH700e Firmware Version-
   NetappH700e Version-
NetappH700s Firmware Version-
   NetappH700s Version-
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 4.92% 0.91
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 7.8 10 6.9
AV:N/AC:L/Au:N/C:N/I:N/A:C
cve-coordination@google.com 9.1 3.9 5.2
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2d3916f3189172d5c69d33065c3c21119fe539fc
Patch
Vendor Advisory
https://security.netapp.com/advisory/ntap-20220425-0001/
Third Party Advisory
https://www.openwall.com/lists/oss-security/2022/03/15/3
Third Party Advisory
Mailing List