CVE-2022-41858
kernel: null-ptr-deref vulnerabilities in sl_tx_timeout in drivers/net/slip
Severity Score
7.1
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information.
Kirill Tkhai discovered that the XFS file system implementation in the Linux kernel did not calculate size correctly when pre-allocating space in some situations. A local attacker could use this to expose sensitive information. Lee Jones discovered that a use-after-free vulnerability existed in the Bluetooth implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2022-09-30 CVE Reserved
- 2023-01-17 CVE Published
- 2024-08-03 CVE Updated
- 2025-03-18 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-416: Use After Free
- CWE-476: NULL Pointer Dereference
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| https://security.netapp.com/advisory/ntap-20230223-0006 | Third Party Advisory |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://github.com/torvalds/linux/commit/ec4eb8a86ade4d22633e1da2a7d85a846b7d1798 | 2023-10-05 |
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/security/cve/CVE-2022-41858 | 2024-03-19 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2144379 | 2024-03-19 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | < 4.9.311 Search vendor "Linux" for product "Linux Kernel" and version " < 4.9.311" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.10 < 4.14.276 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.10 < 4.14.276" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.15 < 4.19.239 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.15 < 4.19.239" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.20 < 5.4.190 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.20 < 5.4.190" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.5.0 < 5.10.112 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.5.0 < 5.10.112" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.11 < 5.15.35 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.11 < 5.15.35" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.16 < 5.17.4 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.16 < 5.17.4" | - |
Affected
| ||||||
| Netapp Search vendor "Netapp" | Hci Baseboard Management Controller Search vendor "Netapp" for product "Hci Baseboard Management Controller" | h300s Search vendor "Netapp" for product "Hci Baseboard Management Controller" and version "h300s" | - |
Affected
| ||||||
| Netapp Search vendor "Netapp" | Hci Baseboard Management Controller Search vendor "Netapp" for product "Hci Baseboard Management Controller" | h410c Search vendor "Netapp" for product "Hci Baseboard Management Controller" and version "h410c" | - |
Affected
| ||||||
| Netapp Search vendor "Netapp" | Hci Baseboard Management Controller Search vendor "Netapp" for product "Hci Baseboard Management Controller" | h410s Search vendor "Netapp" for product "Hci Baseboard Management Controller" and version "h410s" | - |
Affected
| ||||||
| Netapp Search vendor "Netapp" | Hci Baseboard Management Controller Search vendor "Netapp" for product "Hci Baseboard Management Controller" | h500s Search vendor "Netapp" for product "Hci Baseboard Management Controller" and version "h500s" | - |
Affected
| ||||||
| Netapp Search vendor "Netapp" | Hci Baseboard Management Controller Search vendor "Netapp" for product "Hci Baseboard Management Controller" | h700s Search vendor "Netapp" for product "Hci Baseboard Management Controller" and version "h700s" | - |
Affected
| ||||||