A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211045 was assigned to this vulnerability.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors Products
Netapp
  • H700s
  • H410c
  • H500s
  • H410s
  • H410s Firmware
  • H410c Firmware
  • H500s Firmware
  • H300s Firmware
  • H700s Firmware
  • H300s
Debian
  • Debian Linux
Linux
  • Linux Kernel

Configuration 1 [-]

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND
cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND
cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*

Configuration 7 [-]

OR cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
References
Link Resource
https://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=02e1a114fdb71e59ee6770294166c30d437bf86a Patch
https://lists.debian.org/debian-lts-announce/2023/03/msg00000.html Mailing List Third Party Advisory
https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html Mailing List Third Party Advisory
https://security.netapp.com/advisory/ntap-20221223-0003/ Third Party Advisory
https://vuldb.com/?id.211045 Third Party Advisory
https://www.debian.org/security/2023/dsa-5324 Third Party Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: VulDB

Published: 2022-10-17T00:00:00

Updated: 2023-05-03T00:00:00

Reserved: 2022-10-17T00:00:00

Link: CVE-2022-3545

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2022-10-17T12:15:11.133

Modified: 2023-11-07T03:51:24.383

Link: CVE-2022-3545

JSON object: View

cve-icon Redhat Information

No data.

CWE