A vulnerability, which was classified as critical, was found in Linux Kernel. This affects the function __mtk_ppe_check_skb of the file drivers/net/ethernet/mediatek/mtk_ppe.c of the component Ethernet Handler. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211935.
References
Link | Resource |
---|---|
https://git.kernel.org/pub/scm/linux/kernel/git/pabeni/net-next.git/commit/?id=17a5f6a78dc7b8db385de346092d7d9f9dc24df6 | Mailing List Patch Vendor Advisory |
https://vuldb.com/?id.211935 | Permissions Required Third Party Advisory |
https://www.debian.org/security/2023/dsa-5333 | Third Party Advisory |
Configurations
History
23 Feb 2023, 16:07
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
CPE | cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* | |
CWE | CWE-119 |
24 Oct 2022, 18:51
Type | Values Removed | Values Added |
---|---|---|
References | (N/A) https://git.kernel.org/pub/scm/linux/kernel/git/pabeni/net-next.git/commit/?id=17a5f6a78dc7b8db385de346092d7d9f9dc24df6 - Mailing List, Patch, Vendor Advisory | |
References | (N/A) https://vuldb.com/?id.211935 - Permissions Required, Third Party Advisory | |
CPE | cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
CWE |
21 Oct 2022, 11:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-10-21 11:15
Updated : 2024-02-04 22:51
NVD link : CVE-2022-3636
Mitre link : CVE-2022-3636
CVE.ORG link : CVE-2022-3636
JSON object : View
Products Affected
debian
- debian_linux
linux
- linux_kernel