CVE-2022-3635

A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function tst_timer of the file drivers/atm/idt77252.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. VDB-211934 is the identifier assigned to this vulnerability.

Published: Oct 21, 2022
Updated: Apr 14, 2023
CVE: CVE-2022-3635
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7
AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-119
CWE-362
CWE-416

Affected Software
References

Software	From	Fixed in
debian / debian_linux	10.0	10.0.x
linux / linux_kernel	5.5	5.10.138
linux / linux_kernel	5.11	5.15.63
linux / linux_kernel	5.16	5.19.4
linux / linux_kernel	4.10	4.14.291
linux / linux_kernel	2.6.12	4.9.326
linux / linux_kernel	4.15	4.19.256
linux / linux_kernel	4.20	5.4.211

https://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=3f4093e2bf4673f218c0bf17d8362337c400e77b
https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html
https://vuldb.com/?id.211934

Vulnerability Database

289,599

CVE-2022-3635