PT-2022-7355 · Linux+2 · Linux Kernel+2

Van Fantasy

Published

2022-07-11

Updated

2023-05-09

CVE-2022-4128

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A NULL pointer dereference issue was discovered in the Linux kernel in the MPTCP protocol when traversing the subflow list at disconnect time. This issue is related to the function mptcp copy inaddrs() in the module net/mptcp/protocol.c. A local user could use this flaw to potentially crash the system, causing a denial of service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

ALSA-2023:2148

ALSA-2023:2458

BDU:2024-04155

CVE-2022-4128

RHSA-2023:2148

RHSA-2023:2458

RHSA-2023_2148

RHSA-2023_2458

Affected Products

Almalinux

Linux Kernel

Red Hat

PT-2022-7355 · Linux+2 · Linux Kernel+2

CVE-2022-4128

Weakness Enumeration

Related Identifiers

Affected Products

References · 104