CVE-2022-3435

CWE-119Buffer OverflowCWE-125Out-of-bounds Read20 documents7 sources
Severity
4.3MEDIUM
EPSS
0.1%
top 77.87%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Linux KernelDebian Debian LinuxFedoraproject Fedora
Timeline
PublishedOct 8
Latest updateApr 5

Description

A vulnerability classified as problematic has been found in Linux Kernel. This affects the function fib_nh_match of the file net/ipv4/fib_semantics.c of the component IPv4 Handler. The manipulation leads to out-of-bounds read. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-210357 was assigned to this vulnerability.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

CVEListV5linux/kerneln/a
Debianlinux< 5.10.158-1+3

Also affects: Debian Linux 10.0, Fedora 35, 36, 37

Patches

Patch: vuldb.comPatch: vuldb.com

🔴Vulnerability Details

3
GHSA
GHSA-hcgg-5q2q-c9qf: A vulnerability classified as problematic has been found in Linux Kernel2022-10-09
CVEList
Linux Kernel IPv4 fib_semantics.c fib_nh_match out-of-bounds2022-10-08
OSV
CVE-2022-3435: A vulnerability classified as problematic has been found in Linux Kernel2022-10-08

📋Vendor Advisories

16
Ubuntu
Linux kernel (BlueField) vulnerabilities2023-04-05
Ubuntu
Linux kernel (Intel IoTG) vulnerabilities2023-03-16
Ubuntu
Linux kernel (KVM) vulnerabilities2023-03-14
Ubuntu
Linux kernel (IBM) vulnerabilities2023-03-14
Ubuntu
Linux kernel (KVM) vulnerabilities2023-03-09
CVE-2022-3435 (MEDIUM CVSS 4.3) | A vulnerability classified as probl | cvebase.io