CVE-2022-3541

A vulnerability classified as critical has been found in Linux Kernel. This affects the function spl2sw_nvmem_get_mac_address of the file drivers/net/ethernet/sunplus/spl2sw_driver.c of the component BPF. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211041 was assigned to this vulnerability.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

History

21 Nov 2024, 07:19

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 7.8
v2 : unknown
v3 : 5.5
References () https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=12aece8b01507a2d357a1861f470e83621fbb6f2 - Patch, Vendor Advisory () https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=12aece8b01507a2d357a1861f470e83621fbb6f2 - Patch, Vendor Advisory
References () https://security.netapp.com/advisory/ntap-20221228-0001/ - Broken Link, Third Party Advisory () https://security.netapp.com/advisory/ntap-20221228-0001/ - Broken Link, Third Party Advisory
References () https://vuldb.com/?id.211041 - Third Party Advisory () https://vuldb.com/?id.211041 - Third Party Advisory

07 Nov 2023, 03:51

Type Values Removed Values Added
CWE CWE-416

Information

Published : 2022-10-17 12:15

Updated : 2024-11-21 07:19


NVD link : CVE-2022-3541

Mitre link : CVE-2022-3541

CVE.ORG link : CVE-2022-3541


JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer