First published: Thu Jul 21 2022(Updated: )
A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/kernel-rt | <0:4.18.0-477.10.1.rt7.274.el8_8 | 0:4.18.0-477.10.1.rt7.274.el8_8 |
redhat/kernel | <0:4.18.0-477.10.1.el8_8 | 0:4.18.0-477.10.1.el8_8 |
redhat/kernel | <0:5.14.0-284.11.1.el9_2 | 0:5.14.0-284.11.1.el9_2 |
redhat/kernel-rt | <0:5.14.0-284.11.1.rt14.296.el9_2 | 0:5.14.0-284.11.1.rt14.296.el9_2 |
redhat/kernel | <6.0 | 6.0 |
Linux Kernel | >=3.14<4.9.327 | |
Linux Kernel | >=4.10<4.14.292 | |
Linux Kernel | >=4.15<4.19.257 | |
Linux Kernel | >=4.20<5.4.212 | |
Linux Kernel | >=5.5<5.10.140 | |
Linux Kernel | >=5.11<5.15.64 | |
Linux Kernel | >=5.16<5.19.6 | |
Linux Kernel | =6.0-rc1 | |
Linux Kernel | =6.0-rc2 | |
Red Hat Fedora | =35 | |
Red Hat Fedora | =36 | |
Red Hat Fedora | =37 | |
Debian Linux | =10.0 | |
debian/linux | 5.10.223-1 5.10.234-1 6.1.129-1 6.1.128-1 6.12.20-1 6.12.21-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)
CVE-2022-3028 has been classified as a medium severity vulnerability affecting the Linux kernel.
To fix CVE-2022-3028, upgrade to the appropriate kernel version as specified in the remediation details.
CVE-2022-3028 affects various versions of the Linux kernel, including those before 4.18.0-477.10.1.el8_8 for Red Hat systems.
No, CVE-2022-3028 can only be exploited by local attackers due to its nature.
CVE-2022-3028 could lead to out-of-bounds write or kernel heap memory leakage, potentially compromising system integrity.