Description
A vulnerability, which was classified as critical, was found in Linux Kernel. This affects the function __mtk_ppe_check_skb of the file drivers/net/ethernet/mediatek/mtk_ppe.c of the component Ethernet Handler. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211935.
CVSS vector
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:LExploitability: 2.1 | Impact: 3.4Attack Vector: Adjacent
Complexity: Low
Privileges: Low
User Interaction: None
Scope: Unchanged
Confidentiality: Low
Integrity: Low
Availability: Low
Affected Packages1 packages
Also affects: Debian Linux 11.0
🔴Vulnerability Details
3GHSAGHSA-wp33-7frp-g7vg: A vulnerability, which was classified as critical, was found in Linux Kernel↗2022-10-21 CVEListLinux Kernel Ethernet mtk_ppe.c __mtk_ppe_check_skb use after free↗2022-10-21 OSVCVE-2022-3636: A vulnerability, which was classified as critical, was found in Linux Kernel↗2022-10-21 📋Vendor Advisories
2Red HatKernel: A use after free in __mtk_ppe_check_skb in drivers/net/ethernet/mediatek/mtk_ppe.c↗2022-04-12 DebianCVE-2022-3636: linux - A vulnerability, which was classified as critical, was found in Linux Kernel. Th...↗2022