CVE-2022-3635

Name
CVE-2022-3635
Description
A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function tst_timer of the file drivers/atm/idt77252.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. VDB-211934 is the identifier assigned to this vulnerability.
NVD Severity
medium
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
N/A https://vuldb.com/?id.211934
N/A https://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=3f4093e2bf4673f218c0bf17d8362337c400e77b
MLIST https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html

Match rules

CPE URI Source package Min version Max version
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* linux_kernel == None == -
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* linux_kernel >= 5.5 < 5.10.138
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* linux_kernel >= 5.11 < 5.15.63
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* linux_kernel >= 5.16 < 5.19.4
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* linux_kernel >= 4.10 < 4.14.291
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* linux_kernel >= 2.6.12 < 4.9.326
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* linux_kernel >= 4.15 < 4.19.256
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* linux_kernel >= 4.20 < 5.4.211

Vulnerable and fixed packages

Source package Branch Version Maintainer Status