PT-2024-8461 · Linux+3 · Linux Kernel+3
Hangyu Hua
·
Published
2022-09-22
·
Updated
2025-01-13
·
CVE-2022-48639
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions up to 5.4.214
Linux kernel versions up to 5.10.145
Linux kernel versions up to 5.15.70
Linux kernel versions up to 5.19.11
Linux kernel versions up to 6.0
Description
The issue is related to a memory leak vulnerability in the tc new tfilter function of the Linux kernel's sched component. This vulnerability can allow an attacker to gain access to confidential information. The vulnerability is associated with the net/sched/cls api.c component and can be exploited by an attacker with local network access.
Recommendations
Upgrade the Linux kernel to a version later than 5.4.214 to patch the vulnerability.
Upgrade the Linux kernel to a version later than 5.10.145 to patch the vulnerability.
Upgrade the Linux kernel to a version later than 5.15.70 to patch the vulnerability.
Upgrade the Linux kernel to a version later than 5.19.11 to patch the vulnerability.
Upgrade the Linux kernel to a version later than 6.0 to patch the vulnerability.
Exploit
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Astra Linux
Linux Kernel
Red Os
Suse