CVE-2022-41858

A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information.

Published: Jan 17, 2023
Updated: Apr 14, 2023
CVE: CVE-2022-41858
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.1
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

CWEs:

CWE-416
CWE-476

Affected Software
References

Software	From	Fixed in
netapp / hci_baseboard_management_controller	h300s	h300s.x
netapp / hci_baseboard_management_controller	h500s	h500s.x
netapp / hci_baseboard_management_controller	h700s	h700s.x
netapp / hci_baseboard_management_controller	h410s	h410s.x
netapp / hci_baseboard_management_controller	h410c	h410c.x
linux / linux_kernel	5.16	5.17.4
linux / linux_kernel	5.11	5.15.35
linux / linux_kernel	5.5.0	5.10.112
linux / linux_kernel	4.20	5.4.190
linux / linux_kernel	4.15	4.19.239
linux / linux_kernel	4.10	4.14.276
linux / linux_kernel	-	4.9.311

https://github.com/torvalds/linux/commit/ec4eb8a86ade4d22633e1da2a7d85a846b7d1798
https://security.netapp.com/advisory/ntap-20230223-0006/

Vulnerability Database

289,697

CVE-2022-41858