CVE-2022-3594

CWE-404CWE-77921 documents8 sources
Severity
5.3MEDIUM
EPSS
0.2%
top 57.94%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Linux Linux KernelLinux KernelDebian Debian Linux
Timeline
PublishedOct 18
Latest updateJan 5

Description

A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211363.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:LExploitability: 3.9 | Impact: 1.4

Affected Packages3 packages

CVEListV5linux/kerneln/a
Debianlinux< 5.10.158-1+3

Also affects: Debian Linux 10.0

Patches

Patch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

3
GHSA
GHSA-phx5-p62q-ppqc: A vulnerability was found in Linux Kernel2022-10-19
OSV
CVE-2022-3594: A vulnerability was found in Linux Kernel2022-10-18
CVEList
Linux Kernel BPF r8152.c intr_callback logging of excessive data2022-10-18

📋Vendor Advisories

17
Ubuntu
Linux kernel (OEM) vulnerabilities2023-01-05
Ubuntu
Linux kernel (Azure) vulnerabilities2022-12-14
Ubuntu
Linux kernel (OEM) vulnerabilities2022-12-12
Ubuntu
Linux kernel (Azure) vulnerabilities2022-12-12
Ubuntu
Linux kernel (Azure) vulnerabilities2022-12-12
CVE-2022-3594 (MEDIUM CVSS 5.3) | A vulnerability was found in Linux | cvebase.io