CVE-2022-3543

CWE-404CWE-401Memory Leak18 documents8 sources
Severity
5.5MEDIUM
EPSS
0.1%
top 71.19%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Linux Linux KernelLinux Kernel
Timeline
PublishedOct 17
Latest updateFeb 15

Description

A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function unix_sock_destructor/unix_release_sock of the file net/unix/af_unix.c of the component BPF. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211043.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:LExploitability: 2.1 | Impact: 1.4

Affected Packages21 packages

CVEListV5linux/kerneln/a
Debianlinux< 6.0.3-1+2
Ubuntulinux< 5.15.0-60.66
Ubuntulinux-aws< 5.15.0-1030.34

Patches

Patch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

6
OSV
linux-aws, linux-aws-5.15, linux-azure-fde, linux-gcp, linux-gcp-5.15, linux-intel-iotg vulnerabilities2023-02-15
OSV
linux, linux-azure, linux-azure-5.15, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-oracle, linux-oracle-5.15, linux-raspi vulnerabilities2023-02-09
OSV
linux-gke vulnerabilities2023-02-09
GHSA
GHSA-qrjf-69q3-8pqj: A vulnerability, which was classified as problematic, has been found in Linux Kernel2022-10-17
OSV
CVE-2022-3543: A vulnerability, which was classified as problematic, has been found in Linux Kernel2022-10-17

📋Vendor Advisories

11
Ubuntu
Linux kernel vulnerabilities2023-02-15
Ubuntu
Linux kernel (GKE) vulnerabilities2023-02-15
Ubuntu
Linux kernel vulnerabilities2023-02-09
Ubuntu
Linux kernel (GKE) vulnerabilities2023-02-09
Ubuntu
Linux kernel (IBM) vulnerabilities2023-01-10
CVE-2022-3543 (MEDIUM CVSS 5.5) | A vulnerability | cvebase.io