CVE-2022-0435

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.16.9 Linux kernel versions prior to 5.15.23 Linux kernel versions prior to 5.10.100 Linux kernel versions prior to 5.4.179 Linux kernel versions prior to 4.19.229 Linux kernel versions prior to 4.14.266 Linux kernel versions prior to 4.9.301

Description The issue is related to a stack overflow flaw in the Linux kernel's TIPC protocol functionality. This flaw allows a remote user to crash the system or possibly escalate their privileges if they have access to the TIPC network. The vulnerability is caused by a lack of validation of the number of domain member nodes, which can lead to a buffer overflow. The vulnerability can be exploited by sending a specially crafted network packet with a high number of domain member nodes. The issue affects systems with the TIPC module loaded and the TIPC bearer enabled, which is typically used in clusters and not enabled by default in non-specialized Linux distributions.

Recommendations For Linux kernel versions prior to 5.16.9, update to version 5.16.9 or later. For Linux kernel versions prior to 5.15.23, update to version 5.15.23 or later. For Linux kernel versions prior to 5.10.100, update to version 5.10.100 or later. For Linux kernel versions prior to 5.4.179, update to version 5.4.179 or later. For Linux kernel versions prior to 4.19.229, update to version 4.19.229 or later. For Linux kernel versions prior to 4.14.266, update to version 4.14.266 or later. For Linux kernel versions prior to 4.9.301, update to version 4.9.301 or later. As a temporary workaround, consider disabling the TIPC module until a patch is available. Restrict access to the TIPC network to minimize the risk of exploitation. Avoid using the TIPC protocol until the issue is resolved.