CVE-2022-3646

CWE-404CWE-401Memory Leak30 documents7 sources
Severity
4.3MEDIUM
EPSS
0.1%
top 71.38%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Linux KernelDebian Debian Linux
Timeline
PublishedOct 21
Latest updateApr 12

Description

A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211961 was assigned to this vulnerability.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:LExploitability: 1.6 | Impact: 1.4

Affected Packages2 packages

CVEListV5linux/kerneln/a
Debianlinux< 5.10.148-1+3

Also affects: Debian Linux 10.0

Patches

Patch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

3
OSV
CVE-2022-3646: A vulnerability, which was classified as problematic, has been found in Linux Kernel2022-10-21
CVEList
Linux Kernel BPF segment.c nilfs_attach_log_writer memory leak2022-10-21
GHSA
GHSA-h2j4-qp68-f436: A vulnerability, which was classified as problematic, has been found in Linux Kernel2022-10-21

📋Vendor Advisories

26
Ubuntu
Linux kernel (AWS) vulnerabilities2023-04-12
Ubuntu
Linux kernel vulnerabilities2023-04-12
Ubuntu
Linux kernel (GCP) vulnerabilities2023-04-11
Ubuntu
Linux kernel (AWS) vulnerabilities2023-04-06
Ubuntu
Linux kernel (OEM) vulnerabilities2023-03-27
CVE-2022-3646 (MEDIUM CVSS 4.3) | A vulnerability | cvebase.io