Comment 0 for bug 1969605

CVE-2022-0435: kernel: remote stack overflow via kernel panic on systems using TIPC may lead to DoS

Score:
9.0: AV:N/AC:L/Au:S/C:C/I:C/A:C

Description:

CVE-2022-0435 A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate their privileges if they have access to the TIPC network.

References:

https://nvd.nist.gov/vuln/detail/CVE-2022-0435
https://access.redhat.com/security/cve/CVE-2022-0435
The CVE has been fixed by Linux yocto kernel 5.10.100