CVE-2022-3524
Linux Kernel IPv6 ipv6_renew_options memory leak
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211021 was assigned to this vulnerability.
Se ha encontrado una vulnerabilidad en el Kernel de Linux. Se ha declarado como problemática. Esta vulnerabilidad afecta a la función ipv6_renew_options del componente IPv6 Handler. La manipulación conlleva a una pérdida de memoria. El ataque puede ser lanzado remotamente. Es recomendado aplicar un parche para corregir este problema. Se ha asignado el identificador VDB-211021 a esta vulnerabilidad
A memory leak flaw was found in the Linux kernel’s IPv6 functionality in how a user triggers the setsockopt of the IPV6_ADDRFORM and IPV6_DSTOPTS type. This flaw allows a user to crash the system if the setsockopt function is being called simultaneously with the IPV6_ADDRFORM type and other processes with the IPV6_DSTOPTS type. This issue is unlikely to happen unless a local process triggers IPV6_ADDRFORM.
Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the video4linux driver for Empia based TV cards in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2022-10-16 CVE Reserved
- 2022-10-16 CVE Published
- 2025-04-15 CVE Updated
- 2025-05-23 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-401: Missing Release of Memory after Effective Lifetime
- CWE-404: Improper Resource Shutdown or Release
CAPEC
References (5)
URL | Tag | Source |
---|---|---|
https://lists.debian.org/debian-lts-announce/2022/12/msg00031.html | Mailing List |
|
https://lists.debian.org/debian-lts-announce/2022/12/msg00034.html | Mailing List |
|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3c52c6bb831f6335c176a0fc7214e26f43adbd11 | 2023-11-07 |
URL | Date | SRC |
---|---|---|
https://access.redhat.com/security/cve/CVE-2022-3524 | 2024-02-07 | |
https://bugzilla.redhat.com/show_bug.cgi?id=2150947 | 2024-02-07 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | < 2.6.12 Search vendor "Linux" for product "Linux Kernel" and version " < 2.6.12" | - |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.12 Search vendor "Linux" for product "Linux Kernel" and version "2.6.12" | - |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 2.6.12 Search vendor "Linux" for product "Linux Kernel" and version "2.6.12" | rc1 |
Affected
| ||||||
Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 10.0 Search vendor "Debian" for product "Debian Linux" and version "10.0" | - |
Affected
|