PT-2022-6763 · Linux+5 · Linux Kernel+5
Duoming Zhou
·
Published
2022-08-08
·
Updated
2023-08-14
·
CVE-2022-3635
CVSS v3.1
7.0
High
| Vector | AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Linux Kernel (affected versions not specified)
Description
A critical issue has been found in the Linux Kernel, affecting the function
tst timer of the file drivers/atm/idt77252.c of the component IPsec. The manipulation leads to use after free, which can be exploited due to a race condition. This may allow an attacker to impact the confidentiality, integrity, and availability of protected information.Recommendations
To fix this issue, it is recommended to apply a patch.
As a temporary workaround, consider disabling the
tst timer function until a patch is available.
Restrict access to the vulnerable module drivers/atm/idt77252.c to minimize the risk of exploitation.Exploit
Fix
Use After Free
Race Condition
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Alt Linux
Astra Linux
Linux Kernel
Linuxmint
Suse
Ubuntu