CVE-2022-3633

CWE-401 — Memory Leak CWE-4046 documents6 sources

Severity

3.3LOW

EPSS

0.1%

top 67.13%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Kernel Debian Debian Linux

Timeline

PublishedOct 21

Description

A vulnerability classified as problematic has been found in Linux Kernel. Affected is the function j1939_session_destroy of the file net/can/j1939/transport.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211932.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:LExploitability: 2.1 | Impact: 1.4

Affected Packages2 packages

▶CVEListV5linux/kerneln/a

▶Debianlinux< 5.10.140-1+3

Also affects: Debian Linux 10.0

Patches

Patch: git.kernel.org ↗Patch: git.kernel.org ↗

🔴Vulnerability Details

OSV

CVE-2022-3633: A vulnerability classified as problematic has been found in Linux Kernel↗2022-10-21

▶

CVEList

Linux Kernel transport.c j1939_session_destroy memory leak↗2022-10-21

▶

GHSA

GHSA-4h2p-5cf9-5j8f: A vulnerability classified as problematic has been found in Linux Kernel↗2022-10-21

▶

📋Vendor Advisories

Red Hat

kernel: memory leak in the function j1939_session_destroy for j1939 socket↗2022-08-05

▶

Debian

CVE-2022-3633: linux - A vulnerability classified as problematic has been found in Linux Kernel. Affect...↗2022

▶