7.8
CVE-2022-3545
- EPSS 0.02%
- Published 17.10.2022 12:15:11
- Last modified 21.11.2024 07:19:44
- Source cna@vuldb.com
- Teams watchlist Login
- Open Login
A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211045 was assigned to this vulnerability.
Data is provided by the National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 4.11 < 4.14.303
Linux ≫ Linux Kernel Version >= 4.15 < 4.19.270
Linux ≫ Linux Kernel Version >= 4.20 < 5.4.228
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.160
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.84
Netapp ≫ H410c Firmware Version-
Netapp ≫ H300s Firmware Version-
Netapp ≫ H500s Firmware Version-
Netapp ≫ H700s Firmware Version-
Netapp ≫ H410s Firmware Version-
Debian ≫ Debian Linux Version10.0
Debian ≫ Debian Linux Version11.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.045 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| cna@vuldb.com | 5.5 | 2.1 | 3.4 |
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.