Linux Kernel IPsec drivers/atm/idt77252.c tst_timer use after free

A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function tst_timer of the file drivers/atm/idt77252.c of the component IPsec. The manipulation leads to use after free. Using CWE to declare the problem leads to CWE-416. The weakness was shared 10/21/2022 as DLA 3173-1. The advisory is available at git.kernel.org. This vulnerability is handled as CVE-2022-3635. The attack can only be initiated within the local network. Technical details are available. There is no exploit available. The structure of the vulnerability defines a possible price range of USD $0-$5k at the moment. It is declared as not defined. As 0-day the estimated underground price was around $5k-$25k. The bugfix is ready for download at git.kernel.org. It is recommended to apply a patch to fix this issue. A possible mitigation has been published even before and not after the disclosure of the vulnerability.

Field10/21/2022 12:3411/19/2022 08:1511/19/2022 08:18
vendorLinuxLinuxLinux
nameKernelKernelKernel
componentIPsecIPsecIPsec
filedrivers/atm/idt77252.cdrivers/atm/idt77252.cdrivers/atm/idt77252.c
functiontst_timertst_timertst_timer
cwe416 (use after free)416 (use after free)416 (use after free)
risk222
cvss3_vuldb_uiNNN
cvss3_vuldb_sUUU
cvss3_vuldb_cLLL
cvss3_vuldb_iLLL
cvss3_vuldb_aLLL
cvss3_vuldb_rlOOO
cvss3_vuldb_rcCCC
urlhttps://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=3f4093e2bf4673f218c0bf17d8362337c400e77bhttps://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=3f4093e2bf4673f218c0bf17d8362337c400e77bhttps://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=3f4093e2bf4673f218c0bf17d8362337c400e77b
namePatchPatchPatch
patch_urlhttps://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=3f4093e2bf4673f218c0bf17d8362337c400e77bhttps://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=3f4093e2bf4673f218c0bf17d8362337c400e77bhttps://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=3f4093e2bf4673f218c0bf17d8362337c400e77b
responsibleVulDBVulDBVulDB
date1666303200 (10/21/2022)1666303200 (10/21/2022)1666303200 (10/21/2022)
typeOperating SystemOperating SystemOperating System
cvss2_vuldb_ciPPP
cvss2_vuldb_iiPPP
cvss2_vuldb_aiPPP
cvss2_vuldb_rcCCC
cvss2_vuldb_rlOFOFOF
cvss2_vuldb_avAAA
cvss2_vuldb_acMMM
cvss2_vuldb_auSSS
cvss2_vuldb_eNDNDND
cvss3_vuldb_avAAA
cvss3_vuldb_acLLL
cvss3_vuldb_prLLL
cvss3_vuldb_eXXX
cvss2_vuldb_basescore4.94.94.9
cvss2_vuldb_tempscore4.34.34.3
cvss3_vuldb_basescore5.55.55.5
cvss3_vuldb_tempscore5.35.35.3
cvss3_meta_basescore5.55.56.0
cvss3_meta_tempscore5.35.35.9
price_0day$5k-$25k$5k-$25k$5k-$25k
cveCVE-2022-3635CVE-2022-3635CVE-2022-3635
identifierDLA 3173-1DLA 3173-1
cve_assigned1666303200 (10/21/2022)1666303200 (10/21/2022)
cve_nvd_summaryA vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function tst_timer of the file drivers/atm/idt77252.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. VDB-211934 is the identifier assigned to this vulnerability.A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function tst_timer of the file drivers/atm/idt77252.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. VDB-211934 is the identifier assigned to this vulnerability.
cvss3_nvd_avL
cvss3_nvd_acH
cvss3_nvd_prL
cvss3_nvd_uiN
cvss3_nvd_sU
cvss3_nvd_cH
cvss3_nvd_iH
cvss3_nvd_aH
cvss3_cna_avA
cvss3_cna_acL
cvss3_cna_prL
cvss3_cna_uiN
cvss3_cna_sU
cvss3_cna_cL
cvss3_cna_iL
cvss3_cna_aL
cve_cnaVulDB
cvss3_nvd_basescore7.0
cvss3_cna_basescore5.5

PreviousOverviewNext

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!