QwikSec

Security Database

CVE

CWE

Training

CVE-2022-3545

Published: Oct 17, 2022

Modified: Apr 15, 2025

PUBLISHED

CVSS v3.1

5.5

MEDIUM

Description

A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211045 was assigned to this vulnerability.

Vendor	Product	Versions
Linux	Kernel	affected `n/a`

Weaknesses (CWE)

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Attack Vector

Adjacent

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

Low

References

https://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=02e1a114fdb71e59ee6770294166c30d437bf86a

https://vuldb.com/?id.211045

https://security.netapp.com/advisory/ntap-20221223-0003/

vendor-advisory

[debian-lts-announce] 20230302 [SECURITY] [DLA 3349-1] linux-5.10 security update

mailing-list

[debian-lts-announce] 20230503 [SECURITY] [DLA 3403-1] linux security update

mailing-list

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.