CVE-2022-41858 | Mend Vulnerability Database

Vulnerability DatabaseCVE-2022-41858

CVE-2022-41858

January 17, 2023

A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information.

Related Resources (6)

https://github.com/torvalds/linux/commit/ec4eb8a86ade4d22633e1da2a7d85a846b7d1798

https://access.redhat.com/security/cve/CVE-2022-41858

https://security-tracker.debian.org/tracker/CVE-2022-41858

https://people.canonical.com/~ubuntu-security/cve/CVE-2022-41858

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ec4eb8a86ade4d22633e1da2a7d85a846b7d1798

https://security.netapp.com/advisory/ntap-20230223-0006/

Do you need more information?

CVSS v4

Base Score:

6.9

Attack Vector

LOCAL

Attack Complexity

LOW

Attack Requirements

NONE

Privileges Required

LOW

User Interaction

NONE

Vulnerable System Confidentiality

HIGH

Vulnerable System Integrity

NONE

Vulnerable System Availability

HIGH

Subsequent System Confidentiality

NONE

Subsequent System Integrity

NONE

Subsequent System Availability

NONE

CVSS v3

Base Score:

7.1

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

HIGH

Weakness Type (CWE)

Use After Free

CWE-416

NULL Pointer Dereference

CWE-476

EPSS

Base Score:

0.01

Products

Solutions

Resources

Company

Compare

Developer Tools