CVE-2022-3635

2022-10-2100:00:00

ubuntu.com

linux kernel

critical

use after free

atm network

device driver

ipsec

patch

vdb-211934

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

32.7%

JSON

A vulnerability, which was classified as critical, has been found in Linux
Kernel. Affected by this issue is the function tst_timer of the file
drivers/atm/idt77252.c of the component IPsec. The manipulation leads to
use after free. It is recommended to apply a patch to fix this issue.
VDB-211934 is the identifier assigned to this vulnerability.

Notes

Author	Note
sbeattie	this issue has nothing to do with IPSec directly as it affects an ATM network device driver.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlinux< 4.15.0-197.208UNKNOWN
ubuntu20.04noarchlinux< 5.4.0-132.148UNKNOWN
ubuntu22.04noarchlinux< 5.15.0-53.59UNKNOWN
ubuntu16.04noarchlinux< 4.4.0-235.269UNKNOWN
ubuntu18.04noarchlinux-aws< 4.15.0-1143.155UNKNOWN
ubuntu20.04noarchlinux-aws< 5.4.0-1089.97UNKNOWN
ubuntu22.04noarchlinux-aws< 5.15.0-1023.27UNKNOWN
ubuntu14.04noarchlinux-aws< 4.4.0-1114.120UNKNOWN
ubuntu16.04noarchlinux-aws< 4.4.0-1152.167UNKNOWN
ubuntu20.04noarchlinux-aws-5.15< 5.15.0-1023.27~20.04.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	linux	< 4.15.0-197.208	UNKNOWN
ubuntu	20.04	noarch	linux	< 5.4.0-132.148	UNKNOWN
ubuntu	22.04	noarch	linux	< 5.15.0-53.59	UNKNOWN
ubuntu	16.04	noarch	linux	< 4.4.0-235.269	UNKNOWN
ubuntu	18.04	noarch	linux-aws	< 4.15.0-1143.155	UNKNOWN
ubuntu	20.04	noarch	linux-aws	< 5.4.0-1089.97	UNKNOWN
ubuntu	22.04	noarch	linux-aws	< 5.15.0-1023.27	UNKNOWN
ubuntu	14.04	noarch	linux-aws	< 4.4.0-1114.120	UNKNOWN
ubuntu	16.04	noarch	linux-aws	< 4.4.0-1152.167	UNKNOWN
ubuntu	20.04	noarch	linux-aws-5.15	< 5.15.0-1023.27~20.04.1	UNKNOWN