CVE-2022-3523 The Linux Kernel was found to have a vulnerability. The vulnerability is in mm/memory.c of the Driver Handler component. The vulnerability causes use after free.
This vulnerability has been classified as critical. It affects the Linux Kernel. It has been discovered in the file ext4_xattr_set.c of the component XFS. It is possible to commit an attack locally. It is also possible to launch the attack remotely. It has been discovered in the function of the file net/ipv4/netfilter/ip_tables.c of the component NETFILTER. The exploitation leads to information disclosure. It is possible to launch the attack locally. It is also possible to launch the attack remotely. It has been discovered in the function of the file drivers/char/mem.c of the component DRIVER. The exploitation leads to information disclosure. It is possible to launch the attack locally. It is also possible to launch the attack remotely. This vulnerability has been classified as high. It affects the Linux Kernel. It has been discovered in the function of the file drivers/base/power/process.c of the component PROCESS. It is possible to commit an attack locally. It is also possible to launch the attack remotely. It has been discovered in the function of the file drivers/base/regmap/regmap.c of the component REGMAP. The exploitation leads to information disclosure. It is possible to launch the attack locally. It is also possible to launch the attack remotely. This vulnerability has been classified as high. It affects the Linux Kernel. It has been discovered in the function of the file drivers/net
CWE-399: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
This vulnerability has been classified as critical. It affects the Linux Kernel. It has been discovered in the function of the file drivers/net/wireless/iwlwifi/pcie/transmit.c of the component IWLWIFI_PCIE. The exploitation leads to information disclosure. It is possible to launch the attack locally. It is also possible to launch the attack remotely.
Linux Kernel – CVE Name and Description
The vulnerability was discovered in the Linux Kernel. The vulnerability is classified as critical. It affects the Linux Kernel and has been discovered in the file ext4_xattr_set.c of the component XFS. This vulnerability can be executed locally or remotely. It has been discovered in the function of the file net/ipv4/netfilter/ip_tables.c of the component NETFILTER. The exploitation leads to information disclosure. It is possible to launch the attack locally or remotely. It has been discovered in the function of the file drivers/char/mem.c of the component DRIVER. The exploitation leads to information disclosure which can be launched locally or remotely. This vulnerability has been classified as high, which means it affects Linux Kernel and has been discovered in drivers/base/power/process.c of component PROCESS and drivers/base/regmap/regmap.c of component REGMAP.
Linux Kernel Vulnerabilities
The Linux Kernel is the core of the operating system. It is responsible for managing hardware resources and process scheduling. The Linux kernel code is open source and accessible to all. This means that vulnerabilities found in the kernel are reported and fixed immediately, as well as reviewed by many users who can help identify potential impacts on their systems.
Vulnerabilities in the Linux Kernel affect a wide range of products, including servers and personal computers running on a variety of platforms, cloud servers, hypervisors, routers, switches, printers, embedded devices, network appliances, cell phones, tablets and more.
The most common symptoms of a vulnerability in the Linux Kernel are reboots or application crashes. Additional symptoms may include abnormal device behavior or unexpected results from built-in diagnostics tools.
Timeline
Published on: 10/16/2022 10:15:00 UTC
Last modified on: 10/19/2022 04:43:00 UTC