CVE-2022-3635

A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function tst_timer of the file drivers/atm/idt77252.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. VDB-211934 is the identifier assigned to this vulnerability.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

History

21 Jul 2023, 20:09

Type Values Removed Values Added
CWE CWE-416
CWE-119
CWE-362

26 May 2023, 19:42

Type Values Removed Values Added
CPE cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

03 Dec 2022, 02:39

Type Values Removed Values Added
First Time Debian
Debian debian Linux
CPE cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
References (MLIST) https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html - (MLIST) https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html - Mailing List, Third Party Advisory

01 Nov 2022, 23:15

Type Values Removed Values Added
CWE CWE-119
References
  • (MLIST) https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html -

24 Oct 2022, 19:16

Type Values Removed Values Added
CPE cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
CWE CWE-119
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.0
First Time Linux
Linux linux Kernel
References (N/A) https://vuldb.com/?id.211934 - (N/A) https://vuldb.com/?id.211934 - Third Party Advisory
References (N/A) https://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=3f4093e2bf4673f218c0bf17d8362337c400e77b - (N/A) https://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=3f4093e2bf4673f218c0bf17d8362337c400e77b - Exploit, Mailing List, Patch, Vendor Advisory

21 Oct 2022, 11:15

Type Values Removed Values Added
New CVE

Information

Published : 2022-10-21 11:15

Updated : 2023-12-10 14:35


NVD link : CVE-2022-3635

Mitre link : CVE-2022-3635

CVE.ORG link : CVE-2022-3635


JSON object : View

Products Affected

linux

  • linux_kernel

debian

  • debian_linux
CWE
CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer