CVE-2022-28199

CVSS v3.1

8.6

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

Name of the Vulnerable Software and Affected Versions MLNX DPDK (affected versions not specified)

Description The issue is related to improper error recovery handling in the network stack, which can allow a remote attacker to cause denial of service and potentially impact data integrity and confidentiality. This is due to an unbounded resource allocation.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Allocation of Resources Without Limits

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-1284CWE-770CWE-20

Related Identifiers

ALSA-2022:8263

ALT-PU-2023-1744

ALT-PU-2023-1805

BDU:2022-05391

CVE-2022-28199

DSA-5222-1

OESA-2022-1965

OPENSUSE-SU-2022_3341-1

OPENSUSE-SU-2022_3390-1

RHSA-2022:6502

RHSA-2022:6503

RHSA-2022:6504

RHSA-2022:6505

RHSA-2022:6506

RHSA-2022:8263

RHSA-2022_8263

RLSA-2022:8263

SUSE-SU-2022:3341-1

SUSE-SU-2022:3390-1

SUSE-SU-2022:3429-1

USN-5608-1

Affected Products

Alt Linux

Almalinux

Astra Linux

Cisco Ios Xe

Mlnx Dpdk

Red Hat

Rocky Linux

Suse

CVE-2022-28199

Weakness Enumeration

Related Identifiers

Affected Products

References · 54