An issue was discovered in the Linux kernel before 5.16.12. drivers/net/usb/sr9700.c allows attackers to obtain sensitive information from heap memory via crafted frame lengths from a device.
References
Link | Resource |
---|---|
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.10 | Mailing List Patch Vendor Advisory |
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e9da0b56fe27206b49f39805f7dcda8a89379062 | Mailing List Patch Vendor Advisory |
https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html | Mailing List Third Party Advisory |
https://security.netapp.com/advisory/ntap-20220419-0001/ | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
|
History
22 Dec 2022, 20:35
Type | Values Removed | Values Added |
---|---|---|
First Time |
Debian
Debian debian Linux |
|
CPE | cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html - Mailing List, Third Party Advisory |
01 Jul 2022, 14:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
27 Apr 2022, 19:38
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vsphere:*:* cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:* |
|
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20220419-0001/ - Third Party Advisory | |
First Time |
Netapp h300e
Netapp h410s Netapp h410s Firmware Netapp h700s Netapp Netapp h500e Firmware Netapp h700e Firmware Netapp h300e Firmware Netapp h500s Firmware Netapp h300s Firmware Netapp active Iq Unified Manager Netapp h700s Firmware Netapp h500e Netapp h700e Netapp h500s Netapp h300s |
19 Apr 2022, 19:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
18 Mar 2022, 19:48
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | |
First Time |
Linux linux Kernel
Linux |
|
CVSS |
v2 : v3 : |
v2 : 2.1
v3 : 5.5 |
CWE | NVD-CWE-noinfo | |
References | (MISC) https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.10 - Mailing List, Patch, Vendor Advisory | |
References | (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e9da0b56fe27206b49f39805f7dcda8a89379062 - Mailing List, Patch, Vendor Advisory |
12 Mar 2022, 22:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-03-12 22:15
Updated : 2023-12-10 14:22
NVD link : CVE-2022-26966
Mitre link : CVE-2022-26966
CVE.ORG link : CVE-2022-26966
JSON object : View
Products Affected
netapp
- h500s
- h700e
- h700s_firmware
- h410s
- h500s_firmware
- h300e_firmware
- h700s
- h700e_firmware
- h300s
- h300s_firmware
- active_iq_unified_manager
- h410s_firmware
- h500e_firmware
- h300e
- h500e
linux
- linux_kernel
debian
- debian_linux
CWE