CVE-2022-1678
published 2022-05-25CVE-2022-1678: An issue was discovered in the Linux Kernel from 4.18 to 4.19, an improper update of sock reference in TCP pacing can lead to memory/netns leak, which can be…
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
An issue was discovered in the Linux Kernel from 4.18 to 4.19, an improper update of sock reference in TCP pacing can lead to memory/netns leak, which can be used by remote clients.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | linux | < linux 5.2.6-1 (bookworm) | linux 5.2.6-1 (bookworm) |
| linux | linux_kernel | >= 0 < 5.2.6-1 | 5.2.6-1 |
| linux | linux_kernel | >= 0 < 5.2.6-1 | 5.2.6-1 |
| linux | linux_kernel | >= 0 < 5.2.6-1 | 5.2.6-1 |
| linux | linux_kernel | >= 0 < 5.2.6-1 | 5.2.6-1 |
| linux | linux_kernel | >= 4.18 < unspecified | unspecified |
| linux | linux_kernel | 4.18 – 4.19 | — |
| linux | linux_kernel | unspecified – 4.19 | — |
| netapp | e-series_santricity_os_controller | 11.0 – 11.70.2 | — |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
osv7.5HIGH