What is the severity of CVE-2022-1671?

CVE-2022-1671 is classified as a high severity vulnerability due to its potential to allow local attackers to crash the system or leak sensitive kernel information.

How do I fix CVE-2022-1671?

To fix CVE-2022-1671, you should upgrade your Linux kernel to version 5.18 or apply available patches that address this flaw.

Which Linux kernel versions are affected by CVE-2022-1671?

CVE-2022-1671 affects Linux kernel versions from 5.11 up to and including 5.18.

Can remote attackers exploit CVE-2022-1671?

No, CVE-2022-1671 is a local privilege escalation vulnerability, meaning it can only be exploited by local attackers with access to the system.

What kind of impact can CVE-2022-1671 have on my system?

CVE-2022-1671 can lead to a system crash or unauthorized access to internal kernel data, compromising system stability and security.

Vulnerability/
CVE-2022-1671

high

7.1

CWE

476

30/3/2022

26/7/2022

21/11/2024

CVE-2022-1671: Null Pointer Dereference

First published: Wed Mar 30 2022(Updated: )

A NULL pointer dereference flaw was found in rxrpc_preparse_s in net/rxrpc/server_key.c in the Linux kernel. This flaw allows a local attacker to crash the system or leak internal kernel information.

Credit: secalert@redhat.com secalert@redhat.com secalert@redhat.com

Affected Software	Affected Version	How to fix
redhat/kernel	<5.18	5.18
Linux Kernel	>=5.11<5.15.33
Linux Kernel	>=5.16<5.16.19
Linux Kernel	>=5.17<5.17.2
All of
netapp h300s firmware
netapp h300s
All of
NetApp H500S Firmware
netapp h500s
All of
netapp h700s firmware
netapp h700s
All of
netapp h410s firmware
netapp h410s
All of
netapp h410c firmware
netapp h410c
netapp h300s firmware
netapp h300s
NetApp H500S Firmware
netapp h500s
netapp h700s firmware
netapp h700s
netapp h410s firmware
netapp h410s
netapp h410c firmware
netapp h410c
debian/linux		5.10.223-1 5.10.226-1 6.1.123-1 6.1.128-1 6.12.12-1 6.12.15-1

Remedy

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ff8376ade4f668130385839cef586a0990f8ef87

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2022-1671?
CVE-2022-1671 is classified as a high severity vulnerability due to its potential to allow local attackers to crash the system or leak sensitive kernel information.
How do I fix CVE-2022-1671?
To fix CVE-2022-1671, you should upgrade your Linux kernel to version 5.18 or apply available patches that address this flaw.
Which Linux kernel versions are affected by CVE-2022-1671?
CVE-2022-1671 affects Linux kernel versions from 5.11 up to and including 5.18.
Can remote attackers exploit CVE-2022-1671?
No, CVE-2022-1671 is a local privilege escalation vulnerability, meaning it can only be exploited by local attackers with access to the system.
What kind of impact can CVE-2022-1671 have on my system?
CVE-2022-1671 can lead to a system crash or unauthorized access to internal kernel data, compromising system stability and security.

collector/redhat-cve
agent/type
collector/launchpad-cve
source/Launchpad
agent/first-publish-date
agent/author
agent/severity
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2022-1671
agent/software-canonical-lookup
agent/weakness
collector/mitre-cve
source/MITRE
agent/references
agent/remedy
agent/last-modified-date
agent/description
agent/event
agent/trending
agent/source
collector/nvd-cve
source/NVD
agent/software-canonical-lookup-request
collector/nvd-index
collector/nvd-api
agent/tags
agent/softwarecombine
collector/usn-cve
source/Ubuntu
collector/security-tracker-debian
source/Debian
package-manager/redhat
vendor/linux
canonical/linux kernel
version/linux kernel/5.11
version/linux kernel/5.16
version/linux kernel/5.17
vendor/netapp
canonical/netapp h300s firmware
canonical/netapp h300s
canonical/netapp h500s firmware
canonical/netapp h500s
canonical/netapp h700s firmware
canonical/netapp h700s
canonical/netapp h410s firmware
canonical/netapp h410s
canonical/netapp h410c firmware
canonical/netapp h410c
package-manager/debian