Vulnerability Details CVE-2022-1678
An issue was discovered in the Linux Kernel from 4.18 to 4.19, an improper update of sock reference in TCP pacing can lead to memory/netns leak, which can be used by remote clients.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 74.9%
CVSS Severity
CVSS v3 Score 5.9
CVSS v2 Score 5.0
References
- https://anas.openanolis.cn/cves/detail/CVE-2022-1678
- https://anas.openanolis.cn/errata/detail/ANSA-2022:0143
- https://bugzilla.openanolis.cn/show_bug.cgi?id=61
- https://gitee.com/anolis/cloud-kernel/commit/bed537da691b
- https://github.com/torvalds/linux/commit/0a70f118475e037732557796accd0878a00fc25a
- https://lore.kernel.org/all/20200602080425.93712-1-kerneljasonxing%40gmail.com/
- https://security.netapp.com/advisory/ntap-20220715-0001/
- https://anas.openanolis.cn/cves/detail/CVE-2022-1678
- https://anas.openanolis.cn/errata/detail/ANSA-2022:0143
- https://bugzilla.openanolis.cn/show_bug.cgi?id=61
- https://gitee.com/anolis/cloud-kernel/commit/bed537da691b
- https://github.com/torvalds/linux/commit/0a70f118475e037732557796accd0878a00fc25a
- https://lore.kernel.org/all/20200602080425.93712-1-kerneljasonxing%40gmail.com/
- https://security.netapp.com/advisory/ntap-20220715-0001/
Products affected by CVE-2022-1678
-
cpe:2.3:a:netapp:active_iq_unified_manager:-
-
cpe:2.3:a:netapp:cloud_volumes_ontap_mediator:-
-
cpe:2.3:a:netapp:e-series_santricity_os_controller:11.0
-
cpe:2.3:a:netapp:e-series_santricity_os_controller:11.0.0
-
cpe:2.3:a:netapp:e-series_santricity_os_controller:11.20
-
cpe:2.3:a:netapp:e-series_santricity_os_controller:11.25
-
cpe:2.3:a:netapp:e-series_santricity_os_controller:11.30
-
cpe:2.3:a:netapp:e-series_santricity_os_controller:11.30.5r3
-
cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40
-
cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40.3r2
-
cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40.5
-
cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.1
-
cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.2
-
cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60
-
cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.0
-
cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.1
-
cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.3
-
cpe:2.3:a:netapp:e-series_santricity_os_controller:11.70.1
-
cpe:2.3:a:netapp:e-series_santricity_os_controller:11.70.2
-
cpe:2.3:a:netapp:element_software:-
-
cpe:2.3:a:netapp:hci_management_node:-
-
cpe:2.3:a:netapp:solidfire:-
-
cpe:2.3:a:netapp:storagegrid:-
-
cpe:2.3:h:netapp:h300e:-
-
cpe:2.3:h:netapp:h300s:-
-
cpe:2.3:h:netapp:h410c:-
-
cpe:2.3:h:netapp:h410s:-
-
cpe:2.3:h:netapp:h500e:-
-
cpe:2.3:h:netapp:h500s:-
-
cpe:2.3:h:netapp:h700e:-
-
cpe:2.3:h:netapp:h700s:-
-
cpe:2.3:h:netapp:hci_compute_node:-
-
cpe:2.3:o:linux:linux_kernel:4.18
-
cpe:2.3:o:linux:linux_kernel:4.18.0
-
cpe:2.3:o:linux:linux_kernel:4.18.0-193.el8
-
cpe:2.3:o:linux:linux_kernel:4.18.1
-
cpe:2.3:o:linux:linux_kernel:4.18.10
-
cpe:2.3:o:linux:linux_kernel:4.18.11
-
cpe:2.3:o:linux:linux_kernel:4.18.12
-
cpe:2.3:o:linux:linux_kernel:4.18.13
-
cpe:2.3:o:linux:linux_kernel:4.18.14
-
cpe:2.3:o:linux:linux_kernel:4.18.15
-
cpe:2.3:o:linux:linux_kernel:4.18.16
-
cpe:2.3:o:linux:linux_kernel:4.18.17
-
cpe:2.3:o:linux:linux_kernel:4.18.18
-
cpe:2.3:o:linux:linux_kernel:4.18.19
-
cpe:2.3:o:linux:linux_kernel:4.18.2
-
cpe:2.3:o:linux:linux_kernel:4.18.20
-
cpe:2.3:o:linux:linux_kernel:4.18.3
-
cpe:2.3:o:linux:linux_kernel:4.18.4
-
cpe:2.3:o:linux:linux_kernel:4.18.5
-
cpe:2.3:o:linux:linux_kernel:4.18.6
-
cpe:2.3:o:linux:linux_kernel:4.18.7
-
cpe:2.3:o:linux:linux_kernel:4.18.8
-
cpe:2.3:o:linux:linux_kernel:4.18.9
-
cpe:2.3:o:linux:linux_kernel:4.19
-
cpe:2.3:o:netapp:bootstrap_os:-
-
cpe:2.3:o:netapp:h300e_firmware:-
-
cpe:2.3:o:netapp:h300s_firmware:-
-
cpe:2.3:o:netapp:h410c_firmware:-
-
cpe:2.3:o:netapp:h410s_firmware:-
-
cpe:2.3:o:netapp:h500e_firmware:-
-
cpe:2.3:o:netapp:h500s_firmware:-
-
cpe:2.3:o:netapp:h700e_firmware:-
-
cpe:2.3:o:netapp:h700s_firmware:-