Linux Kernel IPsec nfp_cppcore.c area_cache_get use after free

A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. The CWE definition for the vulnerability is CWE-416. The weakness was published 10/17/2022. The advisory is shared at git.kernel.org. This vulnerability is known as CVE-2022-3545. The attack can only be initiated within the local network. Technical details are available. There is no exploit available. The price for an exploit might be around USD $0-$5k at the moment. It is declared as not defined. We expect the 0-day to have been worth approximately $5k-$25k. The bugfix is ready for download at git.kernel.org. It is recommended to apply a patch to fix this issue. A possible mitigation has been published even before and not after the disclosure of the vulnerability.

Field10/17/2022 13:2411/09/2022 16:4511/09/2022 16:52
vendorLinuxLinuxLinux
nameKernelKernelKernel
componentIPsecIPsecIPsec
filedrivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.cdrivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.cdrivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c
functionarea_cache_getarea_cache_getarea_cache_get
cwe416 (use after free)416 (use after free)416 (use after free)
risk222
cvss3_vuldb_uiNNN
cvss3_vuldb_sUUU
cvss3_vuldb_cLLL
cvss3_vuldb_iLLL
cvss3_vuldb_aLLL
cvss3_vuldb_rlOOO
cvss3_vuldb_rcCCC
urlhttps://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=02e1a114fdb71e59ee6770294166c30d437bf86ahttps://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=02e1a114fdb71e59ee6770294166c30d437bf86ahttps://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=02e1a114fdb71e59ee6770294166c30d437bf86a
namePatchPatchPatch
patch_urlhttps://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=02e1a114fdb71e59ee6770294166c30d437bf86ahttps://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=02e1a114fdb71e59ee6770294166c30d437bf86ahttps://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=02e1a114fdb71e59ee6770294166c30d437bf86a
cveCVE-2022-3545CVE-2022-3545CVE-2022-3545
responsibleVulDBVulDBVulDB
date1665957600 (10/17/2022)1665957600 (10/17/2022)1665957600 (10/17/2022)
typeOperating SystemOperating SystemOperating System
cvss2_vuldb_ciPPP
cvss2_vuldb_iiPPP
cvss2_vuldb_aiPPP
cvss2_vuldb_rcCCC
cvss2_vuldb_rlOFOFOF
cvss2_vuldb_avAAA
cvss2_vuldb_acMMM
cvss2_vuldb_auSSS
cvss2_vuldb_eNDNDND
cvss3_vuldb_avAAA
cvss3_vuldb_acLLL
cvss3_vuldb_prLLL
cvss3_vuldb_eXXX
cvss2_vuldb_basescore4.94.94.9
cvss2_vuldb_tempscore4.34.34.3
cvss3_vuldb_basescore5.55.55.5
cvss3_vuldb_tempscore5.35.35.3
cvss3_meta_basescore5.55.56.3
cvss3_meta_tempscore5.35.36.2
price_0day$5k-$25k$5k-$25k$5k-$25k
cve_assigned1665957600 (10/17/2022)1665957600 (10/17/2022)
cve_nvd_summaryA vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211045 was assigned to this vulnerability.A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211045 was assigned to this vulnerability.
cvss3_nvd_avL
cvss3_nvd_acL
cvss3_nvd_prL
cvss3_nvd_uiN
cvss3_nvd_sU
cvss3_nvd_cH
cvss3_nvd_iH
cvss3_nvd_aH
cvss3_cna_avA
cvss3_cna_acL
cvss3_cna_prL
cvss3_cna_uiN
cvss3_cna_sU
cvss3_cna_cL
cvss3_cna_iL
cvss3_cna_aL
cve_cnaVulDB
cvss3_nvd_basescore7.8
cvss3_cna_basescore5.5

PreviousOverviewNext

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!