Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.5
CVSSv3

CVE-2022-3643

Published: 07/12/2022 Updated: 29/11/2023
CVSS v3 Base Score: 6.5 | Impact Score: 4 | Exploitability Score: 2
VMScore: 0
Subscribe to Linux Kernel

Vulnerability Summary

It exists that the Xen netback driver in the Linux kernel did not properly handle packets structured in certain ways. An attacker in a guest VM could possibly use this to cause a denial of service (host NIC availability). (CVE-2022-3643) ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux_kernel

debian debian linux 10.0

Vendor Advisories

Amazon Linux AMI: ALAS-2023-1706
Guests can trigger NIC interface reset/abort/crash via netback It is possible for a guest to trigger a NIC interface reset/abort/crash in a Linux based network backend by sending certain kinds of packets It appears to be an (unwritten?) assumption in the rest of the Linux network stack that packet protocol headers are all contained within the line ...
Ubuntu Security Notice: USN-5813-1: Linux kernel vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: USN-5794-1: Linux kernel (AWS) vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: USN-5802-1: Linux kernel vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: USN-5804-2: Linux kernel vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: USN-5808-1: Linux kernel (IBM) vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: USN-5803-1: Linux kernel vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: USN-5814-1: Linux kernel vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: USN-5829-1: Linux kernel (Raspberry Pi) vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: USN-5804-1: Linux kernel vulnerabilities
Several security issues were fixed in the Linux kernel ...
Amazon Linux 2: ALAS2KERNEL-5.4-2023-041
A vulnerability was found in Linux Kernel It has been declared as problematic Affected by this vulnerability is the function follow_page_pte of the file mm/gupc of the component BPF The manipulation leads to race condition The attack can be launched remotely It is recommended to apply a patch to fix this issue The identifier VDB-211921 was a ...
Amazon Linux 2: ALAS2KERNEL-5.10-2023-025
A vulnerability was found in Linux Kernel It has been declared as problematic Affected by this vulnerability is the function follow_page_pte of the file mm/gupc of the component BPF The manipulation leads to race condition The attack can be launched remotely It is recommended to apply a patch to fix this issue The identifier VDB-211921 was a ...
Amazon Linux 2: ALAS2KERNEL-5.15-2023-012
Guests can trigger NIC interface reset/abort/crash via netback It is possible for a guest to trigger a NIC interface reset/abort/crash in a Linux based network backend by sending certain kinds of packets It appears to be an (unwritten?) assumption in the rest of the Linux network stack that packet protocol headers are all contained within the line ...
Amazon Linux 2: ALAS2-2023-1932
Guests can trigger NIC interface reset/abort/crash via netback It is possible for a guest to trigger a NIC interface reset/abort/crash in a Linux based network backend by sending certain kinds of packets It appears to be an (unwritten?) assumption in the rest of the Linux network stack that packet protocol headers are all contained within the line ...
Arch Linux Issues:
Severity Unknown Remote Unknown Type Unknown Description AVG-2837 linux 6012-1 62-1 High Unknown AVG-2836 linux-zen 6012-1 62-1 High Unknown ...

References

CWE-74https://xenbits.xenproject.org/xsa/advisory-423.txthttp://www.openwall.com/lists/oss-security/2022/12/07/2https://lists.debian.org/debian-lts-announce/2022/12/msg00031.htmlhttps://lists.debian.org/debian-lts-announce/2022/12/msg00034.htmlhttp://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.htmlhttps://nvd.nist.govhttps://alas.aws.amazon.com/ALAS-2023-1706.htmlhttps://ubuntu.com/security/notices/USN-5813-1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
race conditionCVE-2024-4249CVE-2024-4244CVE-2023-20198TCPCVE-2022-48648CVE-2022-48636CVE-2024-21345SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook