CVE-2022-3595

CWE-119Buffer OverflowCWE-4158 documents7 sources
Severity
5.5MEDIUM
EPSS
0.0%
top 95.55%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Linux Linux KernelLinux Kernel
Timeline
PublishedOct 18
Latest updateOct 19

Description

A vulnerability was found in Linux Kernel. It has been rated as problematic. Affected by this issue is the function sess_free_buffer of the file fs/cifs/sess.c of the component CIFS Handler. The manipulation leads to double free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211364.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:LExploitability: 2.1 | Impact: 1.4

Affected Packages2 packages

CVEListV5linux/kerneln/a

Patches

Patch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

3
GHSA
GHSA-6f3f-h9qx-hrcc: A vulnerability was found in Linux Kernel2022-10-19
OSV
CVE-2022-3595: A vulnerability was found in Linux Kernel2022-10-18
CVEList
Linux Kernel CIFS sess.c sess_free_buffer double free2022-10-18

📋Vendor Advisories

3
Red Hat
kernel: A double free problem in sess_free_buffer in file fs/cifs/sess.c2022-10-14
Microsoft
Linux Kernel CIFS sess.c sess_free_buffer double free2022-10-11
Debian
CVE-2022-3595: linux - A vulnerability was found in Linux Kernel. It has been rated as problematic. Aff...2022
CVE-2022-3595 (MEDIUM CVSS 5.5) | A vulnerability was found in Linux | cvebase.io