PT-2022-2852 · Linux+5 · Linux Kernel+5

Beraphin

·

Published

2022-03-29

·

Updated

2023-08-14

·

CVE-2022-28356

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.17.1
Description A refcount leak bug was found in the net/llc/af llc.c component of the Linux kernel, which can be exploited by a remote attacker to cause a denial of service. The issue is related to a memory leak.
Recommendations For Linux kernel versions prior to 5.17.1, update to version 5.17.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the net/llc/af llc.c component to minimize the risk of exploitation.

Exploit

Fix

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-401

Related Identifiers

ALT-PU-2022-1647
ALT-PU-2022-1730
ALT-PU-2022-1768
ALT-PU-2022-2155
ALT-PU-2023-1684
ALT-PU-2023-1741
ALT-PU-2023-1814
ALT-PU-2023-4894
AZL-9292
BDU:2022-03409
CVE-2022-28356
DLA-3065-1
DSA-5127-1
DSA-5173-1
MGASA-2022-0121
MGASA-2022-0122
OESA-2022-1666
OPENSUSE-SU-2022_1256-1
OPENSUSE-SU-2022_1676-1
OPENSUSE-SU-2022_1687-1
OPENSUSE-SU-2022_3288-1
OPENSUSE-SU-2022_3293-1
OPENSUSE-SU-2022_4617-1
SUSE-SU-2022:1255-1
SUSE-SU-2022:1256-1
SUSE-SU-2022:1266-1
SUSE-SU-2022:1267-1
SUSE-SU-2022:1402-1
SUSE-SU-2022:1668-1
SUSE-SU-2022:1669-1
SUSE-SU-2022:1676-1
SUSE-SU-2022:1686-1
SUSE-SU-2022:1687-1
SUSE-SU-2022:3288-1
SUSE-SU-2022:3293-1
SUSE-SU-2022:4617-1
SUSE-SU-2022_1669-1
SUSE-SU-2022_1676-1
SUSE-SU-2022_1686-1
SUSE-SU-2022_1687-1
SUSE-SU-2023:0416-1
USN-5381-1
USN-5466-1
USN-5467-1
USN-5469-1
USN-5500-1
USN-5505-1
USN-5513-1

Affected Products

Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Suse
Ubuntu