CVE-2022-1353

A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.17:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.17:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.17:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.17:rc6:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.17:rc7:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.17:rc8:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*

History

21 Nov 2024, 06:40

Type Values Removed Values Added
References () https://bugzilla.redhat.com/show_bug.cgi?id=2066819 - Issue Tracking, Patch, Third Party Advisory () https://bugzilla.redhat.com/show_bug.cgi?id=2066819 - Issue Tracking, Patch, Third Party Advisory
References () https://github.com/torvalds/linux/commit/9a564bccb78a76740ea9d75a259942df8143d02c - Patch, Third Party Advisory () https://github.com/torvalds/linux/commit/9a564bccb78a76740ea9d75a259942df8143d02c - Patch, Third Party Advisory
References () https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html - Mailing List, Third Party Advisory () https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html - Mailing List, Third Party Advisory
References () https://security.netapp.com/advisory/ntap-20220629-0001/ - Third Party Advisory () https://security.netapp.com/advisory/ntap-20220629-0001/ - Third Party Advisory
References () https://www.debian.org/security/2022/dsa-5127 - Third Party Advisory () https://www.debian.org/security/2022/dsa-5127 - Third Party Advisory
References () https://www.debian.org/security/2022/dsa-5173 - Third Party Advisory () https://www.debian.org/security/2022/dsa-5173 - Third Party Advisory

09 Nov 2023, 14:44

Type Values Removed Values Added
First Time Netapp h500e Firmware
Netapp h300e
Netapp h410s
Netapp h500e
Netapp h700s
Netapp h700e
Netapp h500s Firmware
Netapp h700e Firmware
Netapp h410s Firmware
Netapp h410c
Netapp h700s Firmware
Netapp h500s
Netapp h300s
Netapp h300e Firmware
Netapp h300s Firmware
Netapp h410c Firmware
CPE cpe:2.3:h:netapp:baseboard_management_controller_h410s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h300e:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h500s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h500e:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h700s:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:baseboard_management_controller_h410s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:baseboard_management_controller_h300e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:baseboard_management_controller_h700e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h410c:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:baseboard_management_controller_h300s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:baseboard_management_controller_h500e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h300s:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:baseboard_management_controller_h410c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:baseboard_management_controller_h500s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:baseboard_management_controller_h700s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h700e:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*

Information

Published : 2022-04-29 16:15

Updated : 2024-11-21 06:40


NVD link : CVE-2022-1353

Mitre link : CVE-2022-1353

CVE.ORG link : CVE-2022-1353


JSON object : View

Products Affected

netapp

  • h300s_firmware
  • h700e_firmware
  • h410s_firmware
  • h410c_firmware
  • h300e
  • h300s
  • h700s
  • h500e_firmware
  • h300e_firmware
  • h410c
  • h410s
  • h500s_firmware
  • h700e
  • h500s
  • h500e
  • h700s_firmware

redhat

  • enterprise_linux

linux

  • linux_kernel

debian

  • debian_linux
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

NVD-CWE-noinfo