Linux Kernel net/vmw_vsock/af_vsock.c vsock_connect denegación de servicio

Una vulnerabilidad ha sido encontrada en Linux Kernel y clasificada como problemática. La función vsock_connect del archivo net/vmw_vsock/af_vsock.c es afectada por esta vulnerabilidad. Mediante la manipulación de un input desconocido se causa una vulnerabilidad de clase denegación de servicio. El advisory puede ser descargado de git.kernel.org. La vulnerabilidad es identificada como CVE-2022-3629. El ataque se puede efectuar a través de la red local. Los detalles técnicos son conocidos. Fue declarado como no está definido. El parche puede ser descargado de git.kernel.org. El mejor modo sugerido para mitigar el problema es aplicar el parche al componente. Una solución posible ha sido publicada incluso antes y no después de la publicación de la vulnerabilidad.

Campo2022-11-19 07:472022-11-19 07:542023-01-03 12:44
vendorLinuxLinuxLinux
nameKernelKernelKernel
componentIPsecIPsec
filenet/vmw_vsock/af_vsock.cnet/vmw_vsock/af_vsock.cnet/vmw_vsock/af_vsock.c
functionvsock_connectvsock_connectvsock_connect
cwe401 (denegación de servicio)401 (denegación de servicio)401 (denegación de servicio)
risk111
cvss3_vuldb_acHHH
cvss3_vuldb_uiNNN
cvss3_vuldb_sUUU
cvss3_vuldb_cNNN
cvss3_vuldb_iNNN
cvss3_vuldb_aLLL
cvss3_vuldb_rlOOO
cvss3_vuldb_rcCCC
urlhttps://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=7e97cfed9929eaabc41829c395eb0d1350fccb9dhttps://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=7e97cfed9929eaabc41829c395eb0d1350fccb9dhttps://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=7e97cfed9929eaabc41829c395eb0d1350fccb9d
nameParcheParcheParche
patch_urlhttps://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=7e97cfed9929eaabc41829c395eb0d1350fccb9dhttps://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=7e97cfed9929eaabc41829c395eb0d1350fccb9dhttps://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=7e97cfed9929eaabc41829c395eb0d1350fccb9d
cveCVE-2022-3629CVE-2022-3629CVE-2022-3629
responsibleVulDBVulDBVulDB
date1666303200 (2022-10-21)1666303200 (2022-10-21)1666303200 (2022-10-21)
typeOperating SystemOperating SystemOperating System
cvss2_vuldb_acHHH
cvss2_vuldb_ciNNN
cvss2_vuldb_iiNNN
cvss2_vuldb_aiPPP
cvss2_vuldb_rcCCC
cvss2_vuldb_rlOFOFOF
cvss2_vuldb_avAAA
cvss2_vuldb_auSSS
cvss2_vuldb_eNDNDND
cvss3_vuldb_avAAA
cvss3_vuldb_prLLL
cvss3_vuldb_eXXX
cvss2_vuldb_basescore1.41.41.4
cvss2_vuldb_tempscore1.21.21.2
cvss3_vuldb_basescore2.62.62.6
cvss3_vuldb_tempscore2.52.52.5
cvss3_meta_basescore2.62.82.8
cvss3_meta_tempscore2.52.82.8
price_0day$0-$5k$0-$5k$5k-$25k
identifierDLA 3173-1DLA 3173-1DLA 3173-1
cve_assigned1666303200 (2022-10-21)1666303200 (2022-10-21)1666303200 (2022-10-21)
cve_nvd_summaryA vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of the file net/vmw_vsock/af_vsock.c of the component IPsec. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. VDB-211930 is the identifier assigned to this vulnerability.A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of the file net/vmw_vsock/af_vsock.c of the component IPsec. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. VDB-211930 is the identifier assigned to this vulnerability.A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of the file net/vmw_vsock/af_vsock.c of the component IPsec. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. VDB-211930 is the identifier assigned to this vulnerability.
cvss3_nvd_avLL
cvss3_nvd_acLL
cvss3_nvd_prLL
cvss3_nvd_uiNN
cvss3_nvd_sUU
cvss3_nvd_cNN
cvss3_nvd_iNN
cvss3_nvd_aLL
cvss3_cna_avAA
cvss3_cna_acHH
cvss3_cna_prLL
cvss3_cna_uiNN
cvss3_cna_sUU
cvss3_cna_cNN
cvss3_cna_iNN
cvss3_cna_aLL
cve_cnaVulDBVulDB
cvss3_nvd_basescore3.33.3
cvss3_cna_basescore2.62.6

AnteriorVisión De ConjuntoPróximo

Do you want to use VulDB in your project?

Use the official API to access entries easily!