CVE-2022-3621

CWE-404CWE-476NULL Pointer Dereference20 documents7 sources
Severity
6.5MEDIUM
EPSS
0.2%
top 57.76%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Linux KernelDebian Debian Linux
Timeline
PublishedOct 20
Latest updateJan 5

Description

A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_bmap_lookup_at_level of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads to null pointer dereference. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211920.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:LExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

CVEListV5linux/kerneln/a
Debianlinux< 5.10.148-1+3

Also affects: Debian Linux 10.0

Patches

Patch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

3
GHSA
GHSA-xcq5-jm7f-rp35: A vulnerability was found in Linux Kernel2022-10-21
CVEList
Linux Kernel nilfs2 inode.c nilfs_bmap_lookup_at_level null pointer dereference2022-10-20
OSV
CVE-2022-3621: A vulnerability was found in Linux Kernel2022-10-20

📋Vendor Advisories

16
Ubuntu
Linux kernel (OEM) vulnerabilities2023-01-05
Ubuntu
Linux kernel (Azure) vulnerabilities2022-12-14
Ubuntu
Linux kernel (OEM) vulnerabilities2022-12-12
Ubuntu
Linux kernel (Azure) vulnerabilities2022-12-12
Ubuntu
Linux kernel (Azure) vulnerabilities2022-12-12
CVE-2022-3621 (MEDIUM CVSS 6.5) | A vulnerability was found in Linux | cvebase.io