CVE-2022-2318

Published: Jul 6, 2022

Modified: Aug 3, 2024

PUBLISHED

Description

There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges.

Vendor	Product	Versions
n/a	Kernel	affected `Linux Kernel version prior to kernel 5.19 rc5`

Weaknesses (CWE)

CWE-416

References

https://github.com/torvalds/linux/commit/9cc02ede696272c5271a401e4f27c262359bc2f6

DSA-5191

vendor-advisory

[debian-lts-announce] 20221002 [SECURITY] [DLA 3131-1] linux security update

mailing-list

https://security.netapp.com/advisory/ntap-20230120-0001/

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-2318

Description

Affected Products

Weaknesses (CWE)

References