Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.8
CVSSv3

CVE-2022-4378

Published: 05/01/2023 Updated: 07/11/2023
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 0
Subscribe to Linux

Vulnerability Summary

It exists that the Xen netback driver in the Linux kernel did not properly handle packets structured in certain ways. An attacker in a guest VM could possibly use this to cause a denial of service (host NIC availability). (CVE-2022-3643) ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel

Vendor Advisories

Ubuntu Security Notice: USN-5803-1: Linux kernel vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: USN-5814-1: Linux kernel vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: USN-5809-1: Linux kernel (OEM) vulnerabilities
Several security issues were fixed in the Linux kernel ...
Red Hat:
Description<!---->A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables This flaw allows a local user to crash or potentially escalate their privileges on the systemA stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain ker ...
Red Hat: Moderate: Logging Subsystem 5.6.5 - Red Hat OpenShift security update
Synopsis Moderate: Logging Subsystem 565 - Red Hat OpenShift security update Type/Severity Security Advisory: Moderate Topic Logging Subsystem 565 - Red Hat OpenShiftRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severi ...
Red Hat: Important: kpatch-patch security update
Synopsis Important: kpatch-patch security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kpatch-patch is now available for Red Hat Enterprise Linux 86 Extended Update SupportRed Hat Product Securit ...
Red Hat: Important: Red Hat Virtualization Host 4.4.z SP 1 security update
Synopsis Important: Red Hat Virtualization Host 44z SP 1 security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for redhat-release-virtualization-host and redhat-virtualization-host is now available f ...
Red Hat: Moderate: Red Hat Advanced Cluster Management 2.6.5 security updates and bug fixes
Synopsis Moderate: Red Hat Advanced Cluster Management 265 security updates and bug fixes Type/Severity Security Advisory: Moderate Topic Red Hat Advanced Cluster Management for Kubernetes 265 GeneralAvailability release images, which fix bugs and security updates container imagesRed Hat Product Security has rated this update as having a ...
Red Hat: Important: kernel security, bug fix, and enhancement update
Synopsis Important: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 90 Extended Update SupportRed Hat P ...
Red Hat: Important: kpatch-patch security update
Synopsis Important: kpatch-patch security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kpatch-patch is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as ...
Red Hat: Important: kernel security and bug fix update
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as ...
Red Hat: Moderate: Red Hat Advanced Cluster Management 2.5.8 security updates and bug fixes
Synopsis Moderate: Red Hat Advanced Cluster Management 258 security updates and bug fixes Type/Severity Security Advisory: Moderate Topic Red Hat Advanced Cluster Management for Kubernetes 258 GeneralAvailability release images, which fix bugs and security updates container imagesRed Hat Product Security has rated this update as having a ...
Red Hat: Important: kernel-rt security and bug fix update
Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this upd ...
Red Hat: Important: kernel-rt security and bug fix update
Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 84 Extended Update SupportRed Hat Product S ...
Red Hat: Important: kpatch-patch security update
Synopsis Important: kpatch-patch security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kpatch-patch is now available for Red Hat Enterprise Linux 90 Extended Update SupportRed Hat Product Securit ...
Red Hat: Important: kernel security update
Synopsis Important: kernel security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 76 Advanced Update SupportRed Hat Product Security has rated ...
Red Hat: Important: kernel security, bug fix, and enhancement update
Synopsis Important: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 86 Extended Update SupportRed Hat P ...
Red Hat: Important: kpatch-patch security update
Synopsis Important: kpatch-patch security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kpatch-patch is now available for Red Hat Enterprise Linux 81 Update Services for SAP SolutionsRed Hat Produ ...
Red Hat: Important: kpatch-patch security update
Synopsis Important: kpatch-patch security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kpatch-patch is now available for Red Hat Enterprise Linux 77 Update Services for SAP SolutionsRed Hat Produ ...
Red Hat: Important: kpatch-patch security update
Synopsis Important: kpatch-patch security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kpatch-patch is now available for Red Hat Enterprise Linux 9Red Hat Product Security has rated this update as ...
Red Hat: Important: kernel security, bug fix, and enhancement update
Synopsis Important: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated ...
Red Hat: Important: kernel security and bug fix update
概述 Important: kernel security and bug fix update 类型/严重性 Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems 标题 An update for kernel is now available for Red Hat Enterprise Linux 82 Advanced Update Support, Red Hat Enterprise L ...
Red Hat: Important: kpatch-patch security update
Synopsis Important: kpatch-patch security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kpatch-patch is now available for Red Hat Enterprise Linux 82 Update Services for SAP SolutionsRed Hat Produ ...
Red Hat: Important: kernel security update
Synopsis Important: kernel security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 77 Advanced Update Support, Red Hat Enterprise Linux 77 Telco ...
Red Hat: Important: kernel security update
Synopsis Important: kernel security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 81 Update Services for SAP SolutionsRed Hat Product Security ...
Red Hat: Important: kpatch-patch security update
Synopsis Important: kpatch-patch security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kpatch-patch is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as ...
Red Hat: Important: kernel security update
Synopsis Important: kernel security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 74 Advanced Update SupportRed Hat Product Security has rated ...
Red Hat: Important: kernel-rt security and bug fix update
Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 90 Extended Update SupportRed Hat Product S ...
Red Hat: Important: kernel security, bug fix, and enhancement update
Synopsis Important: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 84 Extended Update SupportRed Hat P ...
Red Hat: Important: kernel-rt security and bug fix update
Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this upd ...
Red Hat: Moderate: OpenShift Container Platform 4.10.55 security update
Synopsis Moderate: OpenShift Container Platform 41055 security update Type/Severity Security Advisory: Moderate Topic Red Hat OpenShift Container Platform release 41055 is now available with updates to packages and images that fix several bugs and add enhancementsRed Hat Product Security has rated this update as having a security impact ...
Red Hat: Important: OpenShift Container Platform 4.10.55 security update
Synopsis Important: OpenShift Container Platform 41055 security update Type/Severity Security Advisory: Important Topic Red Hat OpenShift Container Platform release 41055 is now available with updates to packages and images that fix several bugs and add enhancementsRed Hat Product Security has rated this update as having a security impac ...
Red Hat: Important: kernel-rt security and bug fix update
Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 9Red Hat Product Security has rated this upd ...
Red Hat: Important: kpatch-patch security update
Synopsis Important: kpatch-patch security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kpatch-patch is now available for Red Hat Enterprise Linux 84 Extended Update SupportRed Hat Product Securit ...
Red Hat: Important: kernel-rt security and bug fix update
概述 Important: kernel-rt security and bug fix update 类型/严重性 Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems 标题 An update for kernel-rt is now available for Red Hat Enterprise Linux 82 Telecommunications Update ServiceRed H ...
Arch Linux Issues:
integer type confusion in get_proc_long ...
Amazon Linux 2: ALAS2LIVEPATCH-2023-106
A vulnerability was found in Linux Kernel It has been declared as problematic Affected by this vulnerability is the function follow_page_pte of the file mm/gupc of the component BPF The manipulation leads to race condition The attack can be launched remotely It is recommended to apply a patch to fix this issue The identifier VDB-211921 was a ...
Amazon Linux 2: ALAS2LIVEPATCH-2023-105
A vulnerability was found in Linux Kernel It has been declared as problematic Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler The manipulation leads to memory leak The attack can be launched remotely It is recommended to apply a patch to fix this issue The identifier VDB-211021 was assigned to t ...
Amazon Linux 2: ALAS2KERNEL-5.10-2023-025
A vulnerability was found in Linux Kernel It has been declared as problematic Affected by this vulnerability is the function follow_page_pte of the file mm/gupc of the component BPF The manipulation leads to race condition The attack can be launched remotely It is recommended to apply a patch to fix this issue The identifier VDB-211921 was a ...
Amazon Linux 2: ALAS2LIVEPATCH-2023-101
A vulnerability was found in Linux Kernel It has been declared as problematic Affected by this vulnerability is the function follow_page_pte of the file mm/gupc of the component BPF The manipulation leads to race condition The attack can be launched remotely It is recommended to apply a patch to fix this issue The identifier VDB-211921 was a ...
Amazon Linux 2: ALAS2KERNEL-5.15-2023-012
Guests can trigger NIC interface reset/abort/crash via netback It is possible for a guest to trigger a NIC interface reset/abort/crash in a Linux based network backend by sending certain kinds of packets It appears to be an (unwritten?) assumption in the rest of the Linux network stack that packet protocol headers are all contained within the line ...
Amazon Linux 2: ALAS2LIVEPATCH-2023-107
A vulnerability was found in Linux Kernel It has been declared as problematic Affected by this vulnerability is the function follow_page_pte of the file mm/gupc of the component BPF The manipulation leads to race condition The attack can be launched remotely It is recommended to apply a patch to fix this issue The identifier VDB-211921 was a ...
Amazon Linux 2: ALAS2LIVEPATCH-2023-103
A vulnerability was found in Linux Kernel It has been declared as problematic Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler The manipulation leads to memory leak The attack can be launched remotely It is recommended to apply a patch to fix this issue The identifier VDB-211021 was assigned to t ...
Amazon Linux 2: ALAS2LIVEPATCH-2023-097
A vulnerability was found in Linux Kernel It has been declared as problematic Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler The manipulation leads to memory leak The attack can be launched remotely It is recommended to apply a patch to fix this issue The identifier VDB-211021 was assigned to t ...
Amazon Linux 2: ALAS2LIVEPATCH-2023-099
A vulnerability was found in Linux Kernel It has been declared as problematic Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler The manipulation leads to memory leak The attack can be launched remotely It is recommended to apply a patch to fix this issue The identifier VDB-211021 was assigned to t ...
Amazon Linux 2: ALAS2LIVEPATCH-2023-102
A vulnerability was found in Linux Kernel It has been declared as problematic Affected by this vulnerability is the function follow_page_pte of the file mm/gupc of the component BPF The manipulation leads to race condition The attack can be launched remotely It is recommended to apply a patch to fix this issue The identifier VDB-211921 was a ...
Google Chrome: Long Term Support Channel Update for ChromeOS
A new version of&nbsp; LTS Candidate, LTC-108,&nbsp;10805359221&nbsp;(Platform Version:&nbsp;151838240),&nbsp;&nbsp;is being rolled out&nbsp;for most ChromeOS devices&nbsp;Release notes for LTC-108 can be found&nbsp;here Want to know more about Long-term Support? Click&nbsp;here&nbsp;This update contains multiple Security Fixes, including:13 ...
Google Chrome: Long Term Support Channel Update for ChromeOS
LTS-102 is being updated in the LTS channel to&nbsp;10205005197&nbsp;(Platform Version:&nbsp;146951870) for most ChromeOS devices Want to know more about Long Term Support? Click&nbsp;hereThis update contains multiple Security fixes, including:1407701&nbsp;&nbsp;High&nbsp;CVE-2023-0931&nbsp;Use after free in Video1353208&nbsp;High&nbsp;CVE-2 ...

References

CWE-787https://seclists.org/oss-sec/2022/q4/178https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/queue-6.0/proc-proc_skip_spaces-shouldn-t-think-it-is-working-on-c-strings.patchhttps://bugzilla.redhat.com/show_bug.cgi?id=2152548https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tree/queue-6.0/proc-avoid-integer-type-confusion-in-get_proc_long.patchhttp://packetstormsecurity.com/files/171289/Kernel-Live-Patch-Security-Notice-LNS-0092-1.htmlhttps://nvd.nist.govhttps://ubuntu.com/security/notices/USN-5803-1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111CVE-2024-32884IDORCVE-2023-1000CVE-2024-33260CVE-2024-3682reflected XSSrace conditionCVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook