Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2022-3643
HistoryDec 07, 2022 - 12:00 a.m.

CVE-2022-3643

2022-12-0700:00:00
ubuntu.com
ubuntu.com
19
nic interface
linux network
packet protocol
cisco enic
broadcom netxtrem ii bcm5780
networking core

CVSS3

6.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

EPSS

0

Percentile

14.2%

JSON

Guests can trigger NIC interface reset/abort/crash via netback It is
possible for a guest to trigger a NIC interface reset/abort/crash in a
Linux based network backend by sending certain kinds of packets. It appears
to be an (unwritten?) assumption in the rest of the Linux network stack
that packet protocol headers are all contained within the linear section of
the SKB and some NICs behave badly if this is not the case. This has been
reported to occur with Cisco (enic) and Broadcom NetXtrem II BCM5780
(bnx2x) though it may be an issue with other NICs/drivers as well. In case
the frontend is sending requests with split headers, netback will forward
those violating above mentioned assumption to the networking core,
resulting in said misbehavior.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlinux<Β 4.15.0-202.213UNKNOWN
ubuntu20.04noarchlinux<Β 5.4.0-137.154UNKNOWN
ubuntu22.04noarchlinux<Β 5.15.0-58.64UNKNOWN
ubuntu22.10noarchlinux<Β 5.19.0-29.30UNKNOWN
ubuntu16.04noarchlinux<Β 4.4.0-236.270UNKNOWN
ubuntu18.04noarchlinux-aws<Β 4.15.0-1148.160UNKNOWN
ubuntu20.04noarchlinux-aws<Β 5.4.0-1094.102UNKNOWN
ubuntu22.04noarchlinux-aws<Β 5.15.0-1028.32UNKNOWN
ubuntu22.10noarchlinux-aws<Β 5.19.0-1017.18UNKNOWN
ubuntu14.04noarchlinux-aws<Β 4.4.0-1115.121UNKNOWN
Rows per page:
1-10 of 781

References

Related

debiancve 1
cve 1
xen 1
cvelist 1
nvd 1
redhatcve 1
prion 1
photon 4
veracode 1
nessus 42
citrix 1
osv 20
openvas 37
ubuntu 20
mageia 3
amazon 3
ics 2
debian 2
slackware 1
debiancve
debiancve
CVE-2022-3643
2022-12-07 01:15:11
cve
cve
CVE-2022-3643
2022-12-07 01:15:11
xen
xen
Guests can trigger NIC interface reset/abort/crash via netback
2022-12-06 15:15:00
cvelist
cvelist
CVE-2022-3643
2022-12-07 00:00:00
nvd
nvd
CVE-2022-3643
2022-12-07 01:15:11
redhatcve
redhatcve
CVE-2022-3643
2023-01-04 16:03:38
prion
prion
Design/Logic Flaw
2022-12-07 01:15:00
photon
photon
Critical Photon OS Security Update - PHSA-2022-0507
2022-12-21 00:00:00
Critical Photon OS Security Update - PHSA-2022-0547
2022-12-10 00:00:00
Important Photon OS Security Update - PHSA-2022-3.0-0507
2022-12-21 00:00:00
veracode
veracode
Denial Of Service (DoS)
2023-01-17 18:59:27
nessus
nessus
Photon OS 3.0: Linux PHSA-2022-3.0-0507
2024-07-24 00:00:00
Ubuntu 16.04 ESM : Linux kernel (AWS) vulnerabilities (USN-5794-1)
2023-01-07 00:00:00
Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5804-1)
2023-01-13 00:00:00
citrix
citrix
Citrix Hypervisor Security Bulletin for CVE-2022-3643, CVE-2022-42328 & CVE-2022-42329
2022-12-19 11:47:45
osv
osv
linux-azure vulnerabilities
2023-02-09 23:17:58
linux-ibm-5.4 vulnerabilities
2023-01-17 18:00:04
linux-aws vulnerabilities
2023-01-06 22:55:54
openvas
openvas
Ubuntu: Security Advisory (USN-5863-1)
2023-02-10 00:00:00
Ubuntu: Security Advisory (USN-5830-1)
2023-01-30 00:00:00
Ubuntu: Security Advisory (USN-5794-1)
2023-01-09 00:00:00
ubuntu
ubuntu
Linux kernel (Raspberry Pi) vulnerabilities
2023-01-25 00:00:00
Linux kernel vulnerabilities
2023-01-19 00:00:00
Linux kernel vulnerabilities
2023-01-12 00:00:00
mageia
mageia
Updated kernel-linus packages fix security vulnerabilities
2022-12-18 02:55:57
Updated kernel packages fix security vulnerabilities
2022-12-18 02:55:57
Updated kernel-linus packages fix security vulnerabilities
2023-01-22 23:39:23
amazon
amazon
Important: kernel
2023-03-17 15:53:00
Important: kernel
2023-02-03 19:19:00
Important: kernel
2023-02-03 19:19:00
ics
ics
​Siemens SIMATIC MV500 Devices
2023-07-13 12:00:00
Siemens SIMATIC and SIPLUS
2024-06-13 12:00:00
debian
debian
[SECURITY] [DLA 3244-1] linux-5.10 security update
2022-12-22 13:40:03
[SECURITY] [DLA 3245-1] linux security update
2022-12-23 22:16:58
slackware
slackware
[slackware-security] Slackware 15.0 kernel
2023-02-18 02:15:39

CVSS3

6.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

EPSS

0

Percentile

14.2%

JSON
Related for UB:CVE-2022-3643
debiancve1cve1xen1cvelist1nvd1redhatcve1prion1photon4veracode1nessus42citrix1osv20openvas37ubuntu20mageia3amazon3ics2debian2slackware1