CVE-2022-2663 — Improper Restriction of Communication Channel to Intended Endpoints in Linux

CWE-923 — Improper Restriction of Communication Channel to Intended Endpoints48 documents7 sources

Severity

5.3MEDIUMNVD

OSV7.8OSV6.7OSV5.9OSV5.5

EPSS

0.2%

top 60.71%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Kernel Debian Linux Debian Linux

Timeline

PublishedSep 1

Latest updateFeb 13

Description

An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IRC with nf_conntrack_irc configured.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages3 packages

▶Debianlinux/linux_kernel< 5.10.149-1+3

▶Ubuntulinux/linux_kernel< 4.15.0-204.215+3

▶debiandebian/linux< linux 6.0.2-1 (bookworm)

Also affects: Debian Linux 10.0, 11.0

🔴Vulnerability Details

OSV

linux-oem-5.17 vulnerabilities↗2023-07-25

▶

OSV

linux, linux-kvm, linux-lts-xenial vulnerabilities↗2023-04-12

▶

OSV

linux-gcp vulnerabilities↗2023-04-11

▶

OSV

linux-aws vulnerabilities↗2023-04-06

▶

OSV

linux-azure vulnerabilities↗2023-03-27

▶

📋Vendor Advisories

CISA ICS

Siemens SCALANCE W700↗2025-02-13

▶

Ubuntu

Linux kernel (OEM) vulnerabilities↗2023-07-25

▶

CISA ICS

Siemens SIMATIC S7-1500 TM MFP Linux Kernel↗2023-06-15

▶

Ubuntu

Linux kernel (AWS) vulnerabilities↗2023-04-12

▶

Ubuntu

Linux kernel vulnerabilities↗2023-04-12

▶