CVE-2022-3629

A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of the file net/vmw_vsock/af_vsock.c. The manipulation leads to memory leak. The complexity of an attack is rather high. The exploitation appears to be difficult. It is recommended to apply a patch to fix this issue. VDB-211930 is the identifier assigned to this vulnerability.
Configurations

Configuration 1 (hide)

cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

History

20 Oct 2023, 15:15

Type Values Removed Values Added
Summary A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of the file net/vmw_vsock/af_vsock.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. VDB-211930 is the identifier assigned to this vulnerability. A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of the file net/vmw_vsock/af_vsock.c. The manipulation leads to memory leak. The complexity of an attack is rather high. The exploitation appears to be difficult. It is recommended to apply a patch to fix this issue. VDB-211930 is the identifier assigned to this vulnerability.

28 Feb 2023, 19:26

Type Values Removed Values Added
References (MISC) https://vuldb.com/?ctiid.211930 - (MISC) https://vuldb.com/?ctiid.211930 - Third Party Advisory

03 Jan 2023, 12:15

Type Values Removed Values Added
CWE CWE-404
References
  • {'url': 'https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html', 'name': '[debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'}
  • (MISC) https://vuldb.com/?ctiid.211930 -
Summary A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of the file net/vmw_vsock/af_vsock.c of the component IPsec. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. VDB-211930 is the identifier assigned to this vulnerability. A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of the file net/vmw_vsock/af_vsock.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. VDB-211930 is the identifier assigned to this vulnerability.

04 Nov 2022, 19:04

Type Values Removed Values Added
First Time Debian debian Linux
Debian
CPE cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
References (MLIST) https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html - (MLIST) https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html - Mailing List, Third Party Advisory

01 Nov 2022, 23:15

Type Values Removed Values Added
CWE CWE-404
References
  • (MLIST) https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html -

24 Oct 2022, 17:53

Type Values Removed Values Added
CWE CWE-404
References (N/A) https://vuldb.com/?id.211930 - (N/A) https://vuldb.com/?id.211930 - Third Party Advisory
References (N/A) https://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=7e97cfed9929eaabc41829c395eb0d1350fccb9d - (N/A) https://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=7e97cfed9929eaabc41829c395eb0d1350fccb9d - Mailing List, Patch, Vendor Advisory
First Time Linux
Linux linux Kernel
CPE cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 3.3

21 Oct 2022, 06:18

Type Values Removed Values Added
New CVE

Information

Published : 2022-10-21 06:15

Updated : 2024-05-17 02:13


NVD link : CVE-2022-3629

Mitre link : CVE-2022-3629

CVE.ORG link : CVE-2022-3629


JSON object : View

Products Affected

linux

  • linux_kernel

debian

  • debian_linux
CWE
CWE-401

Missing Release of Memory after Effective Lifetime