CVE-2022-3202NULL Pointer Dereference in Kernel

CWE-476NULL Pointer Dereference8 documents7 sources
Severity
7.1HIGHNVD
OSV6.7
EPSS
0.0%
top 92.75%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Linux KernelDebian LinuxMsrc Cbl2 Kernel 5.15.67.1-4 ON CBL Mariner 2.0+1 more
Timeline
PublishedSep 14
Latest updateSep 30

Description

A NULL pointer dereference flaw in diFree in fs/jfs/inode.c in Journaled File System (JFS)in the Linux kernel. This could allow a local attacker to crash the system or leak kernel internal information.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:HExploitability: 1.8 | Impact: 5.2

Affected Packages7 packages

NVDlinux/linux_kernel4.104.14.276+7
Debianlinux/linux_kernel< 5.10.113-1+3
Ubuntulinux/linux_kernel< 4.4.0-234.268
CVEListV5linux/linux_kernelLinux Kernel version prior to kernel 5.18 rc1

Patches

Patch: github.comPatch: github.com

🔴Vulnerability Details

3
OSV
linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities2022-09-30
GHSA
GHSA-3f4q-435v-wxfp: A NULL pointer dereference flaw in diFree in fs/jfs/inode2022-09-15
OSV
CVE-2022-3202: A NULL pointer dereference flaw in diFree in fs/jfs/inode2022-09-14

📋Vendor Advisories

4
Ubuntu
Linux kernel vulnerabilities2022-09-30
Microsoft
A NULL pointer dereference flaw in diFree in fs/jfs/inode.c in Journaled File System (JFS)in the Linux kernel. This could allow a local attacker to crash the system or leak kernel internal information2022-09-13
Red Hat
Kernel: jfs: Null Pointer Deference in jfs_evict_inode leads to Denial of Service2022-03-22
Debian
CVE-2022-3202: linux - A NULL pointer dereference flaw in diFree in fs/jfs/inode.c in Journaled File Sy...2022
CVE-2022-3202 — NULL Pointer Dereference in Kernel | cvebase