CVE-2022-3566

CWE-362Race ConditionCWE-366CWE-400Uncontrolled Resource Consumption21 documents8 sources
Severity
7.1HIGH
EPSS
0.0%
top 93.07%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Linux Kernel
Timeline
PublishedOct 17
Latest updateJan 5

Description

A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function tcp_getsockopt/tcp_setsockopt of the component TCP Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. The identifier VDB-211089 was assigned to this vulnerability.

CVSS vector

CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:LExploitability: 1.2 | Impact: 3.4

Affected Packages2 packages

CVEListV5linux/kerneln/a
Debianlinux< 6.1.4-1+2

Patches

Patch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

3
GHSA
GHSA-qfg2-8gf5-3xfc: A vulnerability, which was classified as problematic, was found in Linux Kernel2022-10-18
OSV
CVE-2022-3566: A vulnerability, which was classified as problematic, was found in Linux Kernel2022-10-17
CVEList
Linux Kernel TCP tcp_setsockopt race condition2022-10-17

📋Vendor Advisories

17
Ubuntu
Linux kernel (OEM) vulnerabilities2023-01-05
Ubuntu
Linux kernel (Azure) vulnerabilities2022-12-14
Ubuntu
Linux kernel (OEM) vulnerabilities2022-12-12
Ubuntu
Linux kernel (Azure) vulnerabilities2022-12-12
Ubuntu
Linux kernel (Azure) vulnerabilities2022-12-12
CVE-2022-3566 (HIGH CVSS 7.1) | A vulnerability | cvebase.io