QwikSec

Security Database

CVE

CWE

Training

CVE-2022-3435

Published: Oct 8, 2022

Modified: Apr 15, 2025

PUBLISHED

CVSS v3.1

4.3

MEDIUM

Description

A vulnerability classified as problematic has been found in Linux Kernel. This affects the function fib_nh_match of the file net/ipv4/fib_semantics.c of the component IPv4 Handler. The manipulation leads to out-of-bounds read. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-210357 was assigned to this vulnerability.

Vendor	Product	Versions
Linux	Kernel	affected `n/a`

Weaknesses (CWE)

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

None

References

https://lore.kernel.org/netdev/20221005181257.8897-1-dsahern%40kernel.org/T/#u

https://vuldb.com/?id.210357

FEDORA-2022-2cfbe17910

vendor-advisory

FEDORA-2022-b948fc3cfb

vendor-advisory

FEDORA-2022-1a5b125ac6

vendor-advisory

[debian-lts-announce] 20221222 [SECURITY] [DLA 3244-1] linux-5.10 security update

mailing-list

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.