Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.5
CVSSv3

CVE-2022-28356

Published: 02/04/2022 Updated: 03/02/2023
CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 187
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Linux

Vulnerability Summary

In the Linux kernel prior to 5.17.1, a refcount leak bug was found in net/llc/af_llc.c.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel

debian debian linux 9.0

debian debian linux 10.0

debian debian linux 11.0

Vendor Advisories

Debian Security Advisories: DSA-5173-1 linux -- security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2021-4197 Eric Biederman reported that incorrect permission checks in the cgroup process migration implementation can allow a local attacker to escalate privileges CVE-2022-0494 The ...
Debian Security Advisories: DSA-5127-1 linux -- security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2021-4197 Eric Biederman reported that incorrect permission checks in the cgroup process migration implementation can allow a local attacker to escalate privileges CVE-2022-0168 A NU ...
Amazon Linux AMI: ALAS-2022-1581
A buffer overflow flaw was found in the Linux kernel's NFC protocol functionality This flaw allows a local user to crash or escalate their privileges on the system (CVE-2022-26490) A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4c and net/ipv6/esp6c This flaw allows a local attacker with a normal user pri ...
Red Hat:
In the Linux kernel before 5171, a refcount leak bug was found in net/llc/af_llcc ...
Ubuntu Security Notice: USN-5381-1: Linux kernel (OEM) vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: USN-5469-1: Linux kernel vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: USN-5467-1: Linux kernel vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: USN-5466-1: Linux kernel vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: USN-5513-1: Linux kernel (AWS) vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: USN-5500-1: Linux kernel vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: USN-5505-1: Linux kernel vulnerabilities
Several security issues were fixed in the Linux kernel ...
Arch Linux Issues:
In the Linux kernel before 5171, a refcount leak bug was found in net/llc/af_llcc ...
Amazon Linux 2: ALAS2KERNEL-5.4-2022-025
A buffer overflow flaw was found in the Linux kernel's NFC protocol functionality This flaw allows a local user to crash or escalate their privileges on the system (CVE-2022-26490) A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4c and net/ipv6/esp6c This flaw allows a local attacker with a normal user pri ...
Amazon Linux 2: ALAS2KERNEL-5.10-2022-013
A use-after-free flaw was found in the Linux kernel's sound subsystem in the way a user triggers concurrent calls of PCM hw_params The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls This flaw allows a local user to crash or potentially escalate their privileges on the system (CVE-2022-1048) A buffer overflow fl ...
Amazon Linux 2: ALAS2-2022-1774
A buffer overflow flaw was found in the Linux kernel's NFC protocol functionality This flaw allows a local user to crash or escalate their privileges on the system (CVE-2022-26490) A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4c and net/ipv6/esp6c This flaw allows a local attacker with a normal user pri ...

References

NVD-CWE-Otherhttps://github.com/torvalds/linux/commit/764f4eb6846f5475f1244767d24d25dd86528a4ahttps://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.1http://www.openwall.com/lists/oss-security/2022/04/06/1https://www.debian.org/security/2022/dsa-5127https://security.netapp.com/advisory/ntap-20220506-0006/https://lists.debian.org/debian-lts-announce/2022/07/msg00000.htmlhttps://www.debian.org/security/2022/dsa-5173https://nvd.nist.govhttps://www.debian.org/security/2022/dsa-5173https://ubuntu.com/security/notices/USN-5381-1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38298CVE-2024-20356CVE-2023-21987CVE-2024-33217bypassCVE-2024-31804CVE-2024-32660unauthorizedSSRF
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook