PT-2022-7349 · Linux+2 · Linux Kernel+2

Zheng Wang

Published

2022-10-03

Updated

2023-02-02

CVE-2022-3541

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux Kernel (affected versions not specified)

Description A critical vulnerability has been found in the Linux Kernel, affecting the spl2sw nvmem get mac address function in the drivers/net/ethernet/sunplus/spl2sw driver.c file of the BPF component. This vulnerability leads to use after free, allowing an attacker to impact the confidentiality, integrity, and availability of protected information.

Recommendations To fix this issue, it is recommended to apply a patch. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Use After Free

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416CWE-119

Related Identifiers

ALT-PU-2022-2913

ALT-PU-2022-2925

ALT-PU-2022-3364

ALT-PU-2022-3371

AZL-11132

BDU:2024-04149

CVE-2022-3541

USN-5793-1

USN-5793-2

USN-5793-3

USN-5793-4

Affected Products

Alt Linux

Linux Kernel

Ubuntu

PT-2022-7349 · Linux+2 · Linux Kernel+2

CVE-2022-3541

Weakness Enumeration

Related Identifiers

Affected Products

References · 22