CVE: CVE-2022-0435: kernel: remote stack overflow via kernel panic on systems using TIPC may lead to DoS
Bug #1969605 reported by
Yue Tao
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
StarlingX |
Fix Released
|
Medium
|
Jiping Ma |
Bug Description
CVE-2022-0435: kernel: remote stack overflow via kernel panic on systems using TIPC may lead to DoS
Score:
9.0: AV:N/AC:
Description:
CVE-2022-0435 A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate their privileges if they have access to the TIPC network.
References:
https:/
https:/
The CVE has been fixed by Linux yocto kernel 5.10.102
Changed in starlingx: | |
assignee: | nobody → Joe Slater (jslater0wind) |
Changed in starlingx: | |
assignee: | Joe Slater (jslater0wind) → Jiping Ma (jma11) |
information type: | Public → Public Security |
Changed in starlingx: | |
status: | New → Triaged |
To post a comment you must log in.
Change the fix version to Linux yocto kernel 5.10.102 to include another CVE CVE-2022-0847 fix.