cvelistv5 - CVE-2022-28389

Source	URL	Tags
cve@mitre.org	https://github.com/torvalds/linux/commit/04c9b00ba83594a29813d6b1fb8fdc93a3915174	Patch, Third Party Advisory
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IHHC455LMSJNG4CSZ5CEAHYWY2DE5YW/
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LAWC35TO642FOP3UCA3C6IF7NAUFOVZ6/
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFMPUI3WI4U2F7ONHRW36WDY4ZE7LGGT/
cve@mitre.org	https://security.netapp.com/advisory/ntap-20220513-0001/	Third Party Advisory
cve@mitre.org	https://www.debian.org/security/2022/dsa-5127	Third Party Advisory
cve@mitre.org	https://www.debian.org/security/2022/dsa-5173	Third Party Advisory

Vendor	Product
n/a	n/a

wid-sec-w-2022-0163

Vulnerability from csaf_certbund

Published

2022-04-03 22:00

Modified

2024-03-20 23:00

Summary

Linux Kernel: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Der Kernel stellt den Kern des Linux Betriebssystems dar.

Angriff

Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen nicht näher spezifizierten Angriff durchzuführen oder Informationen offenzulegen.

Betroffene Betriebssysteme

- Linux

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen nicht n\u00e4her spezifizierten Angriff durchzuf\u00fchren oder Informationen offenzulegen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2022-0163 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0163.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2022-0163 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0163"
      },
      {
        "category": "external",
        "summary": "NIST Database vom 2022-04-03",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28388"
      },
      {
        "category": "external",
        "summary": "NIST Database vom 2022-04-03",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28389"
      },
      {
        "category": "external",
        "summary": "NIST Database vom 2022-04-03",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28390"
      },
      {
        "category": "external",
        "summary": "NIST Database vom 2022-04-03",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28356"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:1163-1 vom 2022-04-12",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010687.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:1183-1 vom 2022-04-13",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010701.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:1196-1 vom 2022-04-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010723.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:1197-1 vom 2022-04-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010731.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:1255-1 vom 2022-04-19",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010749.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:1267-1 vom 2022-04-19",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010755.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2-2022-1774 vom 2022-04-19",
        "url": "https://alas.aws.amazon.com/AL2/ALAS-2022-1774.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS-2022-1581 vom 2022-04-19",
        "url": "https://alas.aws.amazon.com/ALAS-2022-1581.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:1257-1 vom 2022-04-19",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010746.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:1256-1 vom 2022-04-19",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010751.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:1266-1 vom 2022-04-19",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010754.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.10-2022-013 vom 2022-04-20",
        "url": "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.10-2022-013.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.4-2022-025 vom 2022-04-20",
        "url": "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.4-2022-025.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-5381-1 vom 2022-04-21",
        "url": "https://ubuntu.com/security/notices/USN-5381-1"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:1402-1 vom 2022-04-26",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010835.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:1407-1 vom 2022-04-26",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010837.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-5127 vom 2022-05-02",
        "url": "https://lists.debian.org/debian-security-announce/2022/msg00095.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2-2022-1793 vom 2022-05-05",
        "url": "https://alas.aws.amazon.com/AL2/ALAS-2022-1793.html"
      },
      {
        "category": "external",
        "summary": "NetApp Security Advisory NTAP-20220506-0006 vom 2022-05-06",
        "url": "https://security.netapp.com/advisory/ntap-20220506-0006/"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-5413-1 vom 2022-05-12",
        "url": "https://ubuntu.com/security/notices/USN-5413-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-5416-1 vom 2022-05-12",
        "url": "https://ubuntu.com/security/notices/USN-5416-1"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:1686-1 vom 2022-05-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-May/011035.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:1668-1 vom 2022-05-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-May/011019.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:1676-1 vom 2022-05-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-May/011024.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:1687-1 vom 2022-05-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-May/011033.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:1669-1 vom 2022-05-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-May/011018.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-5469-1 vom 2022-06-08",
        "url": "https://ubuntu.com/security/notices/USN-5469-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-5466-1 vom 2022-06-08",
        "url": "https://ubuntu.com/security/notices/USN-5466-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-5468-1 vom 2022-06-08",
        "url": "https://ubuntu.com/security/notices/USN-5468-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-5467-1 vom 2022-06-08",
        "url": "https://ubuntu.com/security/notices/USN-5467-1"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS-2022-1591 vom 2022-06-10",
        "url": "https://alas.aws.amazon.com/ALAS-2022-1591.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:2082-1 vom 2022-06-15",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-June/011287.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:2077-1 vom 2022-06-15",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-June/011285.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-5493-1 vom 2022-06-27",
        "url": "https://ubuntu.com/security/notices/USN-5493-1"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-3065 vom 2022-07-01",
        "url": "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-5500-1 vom 2022-07-01",
        "url": "https://ubuntu.com/security/notices/USN-5500-1"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-5173 vom 2022-07-03",
        "url": "https://lists.debian.org/debian-security-announce/2022/msg00141.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2022-9533 vom 2022-07-01",
        "url": "https://linux.oracle.com/errata/ELSA-2022-9533.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2022-9534 vom 2022-07-01",
        "url": "https://linux.oracle.com/errata/ELSA-2022-9534.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-5493-2 vom 2022-07-01",
        "url": "https://ubuntu.com/security/notices/USN-5493-2"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2022-9557 vom 2022-07-05",
        "url": "https://linux.oracle.com/errata/ELSA-2022-9557.html"
      },
      {
        "category": "external",
        "summary": "ORACLE OVMSA-2022-0019 vom 2022-07-07",
        "url": "https://oss.oracle.com/pipermail/oraclevm-errata/2022-July/001055.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-5505-1 vom 2022-07-07",
        "url": "https://ubuntu.com/security/notices/USN-5505-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-5513-1 vom 2022-07-13",
        "url": "https://ubuntu.com/security/notices/USN-5513-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-5515-1 vom 2022-07-13",
        "url": "https://ubuntu.com/security/notices/USN-5515-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-5539-1 vom 2022-07-29",
        "url": "https://ubuntu.com/security/notices/USN-5539-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-5541-1 vom 2022-07-29",
        "url": "https://ubuntu.com/security/notices/USN-5541-1"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:2699-1 vom 2022-08-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-August/011825.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:2728-1 vom 2022-08-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-August/011840.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:2709-1 vom 2022-08-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-August/011838.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:2727-1 vom 2022-08-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-August/011841.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:2726-1 vom 2022-08-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-August/011843.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:2745-1 vom 2022-08-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-August/011889.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:2766-1 vom 2022-08-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-August/011888.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:2738-1 vom 2022-08-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-August/011865.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:2770-1 vom 2022-08-11",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-August/011892.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:2776-1 vom 2022-08-11",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-August/011893.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:2789-1 vom 2022-08-12",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-August/011900.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:2780-1 vom 2022-08-11",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-August/011897.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:2783-1 vom 2022-08-11",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-August/011898.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:2854-1 vom 2022-08-19",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-August/011950.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:3288-1 vom 2022-09-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-September/012270.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:3293-1 vom 2022-09-17",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-September/012273.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:7683 vom 2022-11-08",
        "url": "https://access.redhat.com/errata/RHSA-2022:7683"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:7444 vom 2022-11-08",
        "url": "https://access.redhat.com/errata/RHSA-2022:7444"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:8267 vom 2022-11-15",
        "url": "https://access.redhat.com/errata/RHSA-2022:8267"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:7933 vom 2022-11-15",
        "url": "https://access.redhat.com/errata/RHSA-2022:7933"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:8781 vom 2022-12-08",
        "url": "https://access.redhat.com/errata/RHSA-2022:8781"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:4617-1 vom 2022-12-23",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-December/013342.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2023:0416-1 vom 2023-02-15",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-February/013765.html"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 6963936 vom 2023-03-16",
        "url": "https://www.ibm.com/support/pages/node/6963936"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:2458 vom 2023-05-09",
        "url": "https://access.redhat.com/errata/RHSA-2023:2458"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:2148 vom 2023-05-09",
        "url": "https://access.redhat.com/errata/RHSA-2023:2148"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2023-2458 vom 2023-06-28",
        "url": "https://oss.oracle.com/pipermail/el-errata/2023-June/014226.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALASKERNEL-5.10-2023-036 vom 2023-07-13",
        "url": "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.10-2023-036.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:7077 vom 2023-11-15",
        "url": "https://access.redhat.com/errata/RHSA-2023:7077"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:6901 vom 2023-11-15",
        "url": "https://access.redhat.com/errata/RHSA-2023:6901"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2023-6583 vom 2024-01-18",
        "url": "https://oss.oracle.com/pipermail/el-errata/2024-January/015150.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0724 vom 2024-02-07",
        "url": "https://access.redhat.com/errata/RHSA-2024:0724"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:1404 vom 2024-03-19",
        "url": "https://access.redhat.com/errata/RHSA-2024:1404"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7144861 vom 2024-03-20",
        "url": "https://www.ibm.com/support/pages/node/7144861"
      }
    ],
    "source_lang": "en-US",
    "title": "Linux Kernel: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-03-20T23:00:00.000+00:00",
      "generator": {
        "date": "2024-03-21T09:41:15.289+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.0"
        }
      },
      "id": "WID-SEC-W-2022-0163",
      "initial_release_date": "2022-04-03T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2022-04-03T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2022-04-12T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Red Hat und SUSE aufgenommen"
        },
        {
          "date": "2022-04-13T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2022-04-18T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2022-04-19T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von SUSE und Amazon aufgenommen"
        },
        {
          "date": "2022-04-20T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2022-04-26T22:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2022-05-02T22:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2022-05-05T22:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2022-05-08T22:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von NetApp aufgenommen"
        },
        {
          "date": "2022-05-11T22:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2022-05-16T22:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2022-06-07T22:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2022-06-09T22:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2022-06-14T22:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2022-06-26T22:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2022-07-03T22:00:00.000+00:00",
          "number": "17",
          "summary": "Neue Updates von Debian, Ubuntu und Oracle Linux aufgenommen"
        },
        {
          "date": "2022-07-06T22:00:00.000+00:00",
          "number": "18",
          "summary": "Neue Updates von Oracle Linux und ORACLE aufgenommen"
        },
        {
          "date": "2022-07-13T22:00:00.000+00:00",
          "number": "19",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2022-07-28T22:00:00.000+00:00",
          "number": "20",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2022-08-08T22:00:00.000+00:00",
          "number": "21",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2022-08-09T22:00:00.000+00:00",
          "number": "22",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2022-08-10T22:00:00.000+00:00",
          "number": "23",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2022-08-11T22:00:00.000+00:00",
          "number": "24",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2022-08-21T22:00:00.000+00:00",
          "number": "25",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2022-09-18T22:00:00.000+00:00",
          "number": "26",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2022-11-08T23:00:00.000+00:00",
          "number": "27",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2022-11-15T23:00:00.000+00:00",
          "number": "28",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2022-12-07T23:00:00.000+00:00",
          "number": "29",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2022-12-26T23:00:00.000+00:00",
          "number": "30",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2023-02-15T23:00:00.000+00:00",
          "number": "31",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2023-03-16T23:00:00.000+00:00",
          "number": "32",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2023-05-09T22:00:00.000+00:00",
          "number": "33",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2023-06-28T22:00:00.000+00:00",
          "number": "34",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2023-07-13T22:00:00.000+00:00",
          "number": "35",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2023-11-14T23:00:00.000+00:00",
          "number": "36",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-01-18T23:00:00.000+00:00",
          "number": "37",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-02-07T23:00:00.000+00:00",
          "number": "38",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-03-19T23:00:00.000+00:00",
          "number": "39",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-03-20T23:00:00.000+00:00",
          "number": "40",
          "summary": "Neue Updates von IBM aufgenommen"
        }
      ],
      "status": "final",
      "version": "40"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Amazon Linux 2",
            "product": {
              "name": "Amazon Linux 2",
              "product_id": "398363",
              "product_identification_helper": {
                "cpe": "cpe:/o:amazon:linux_2:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Amazon"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "Plus 10.1",
                "product": {
                  "name": "IBM Spectrum Protect Plus 10.1",
                  "product_id": "T015895",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:spectrum_protect:plus_10.1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "10.1",
                "product": {
                  "name": "IBM Spectrum Protect 10.1",
                  "product_id": "T023657",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:spectrum_protect:10.1"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Spectrum Protect"
          }
        ],
        "category": "vendor",
        "name": "IBM"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "NetApp ActiveIQ Unified Manager",
            "product": {
              "name": "NetApp ActiveIQ Unified Manager",
              "product_id": "658714",
              "product_identification_helper": {
                "cpe": "cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "NetApp"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c 5.17.1",
                "product": {
                  "name": "Open Source Linux Kernel \u003c 5.17.1",
                  "product_id": "6368",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:linux:linux_kernel:-"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Linux Kernel"
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Oracle VM",
            "product": {
              "name": "Oracle VM",
              "product_id": "T011119",
              "product_identification_helper": {
                "cpe": "cpe:/a:oracle:vm:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Red Hat OpenShift",
            "product": {
              "name": "Red Hat OpenShift",
              "product_id": "T008027",
              "product_identification_helper": {
                "cpe": "cpe:/a:redhat:openshift:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-28388",
      "notes": [
        {
          "category": "description",
          "text": "Es existieren mehrere Schwachstellen im Linux Kernel, die auf einen Double-Free-Fehler zur\u00fcckzuf\u00fchren sind. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T011119",
          "T008027",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T023657",
          "398363",
          "658714",
          "T015895",
          "T004914"
        ]
      },
      "release_date": "2022-04-03T22:00:00Z",
      "title": "CVE-2022-28388"
    },
    {
      "cve": "CVE-2022-28389",
      "notes": [
        {
          "category": "description",
          "text": "Es existieren mehrere Schwachstellen im Linux Kernel, die auf einen Double-Free-Fehler zur\u00fcckzuf\u00fchren sind. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T011119",
          "T008027",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T023657",
          "398363",
          "658714",
          "T015895",
          "T004914"
        ]
      },
      "release_date": "2022-04-03T22:00:00Z",
      "title": "CVE-2022-28389"
    },
    {
      "cve": "CVE-2022-28390",
      "notes": [
        {
          "category": "description",
          "text": "Es existieren mehrere Schwachstellen im Linux Kernel, die auf einen Double-Free-Fehler zur\u00fcckzuf\u00fchren sind. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T011119",
          "T008027",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T023657",
          "398363",
          "658714",
          "T015895",
          "T004914"
        ]
      },
      "release_date": "2022-04-03T22:00:00Z",
      "title": "CVE-2022-28390"
    },
    {
      "cve": "CVE-2022-28356",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existiert eine Schwachstelle in der Komponente \"net/llc/af_llc.c\". Dabei werden Informationen \u00fcber den \"Refcount\" offengelegt. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um Informationen offenzulegen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T011119",
          "T008027",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T023657",
          "398363",
          "658714",
          "T015895",
          "T004914"
        ]
      },
      "release_date": "2022-04-03T22:00:00Z",
      "title": "CVE-2022-28356"
    }
  ]
}

ghsa-vvr5-h9mx-r3g3

Vulnerability from github

Published

2022-04-04 00:00

Modified

2022-04-10 00:01

Severity

7.8 (High) - CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2022-28389"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-415"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-04-03T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free.",
  "id": "GHSA-vvr5-h9mx-r3g3",
  "modified": "2022-04-10T00:01:03Z",
  "published": "2022-04-04T00:00:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28389"
    },
    {
      "type": "WEB",
      "url": "https://github.com/torvalds/linux/commit/04c9b00ba83594a29813d6b1fb8fdc93a3915174"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6IHHC455LMSJNG4CSZ5CEAHYWY2DE5YW"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LAWC35TO642FOP3UCA3C6IF7NAUFOVZ6"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFMPUI3WI4U2F7ONHRW36WDY4ZE7LGGT"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20220513-0001"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2022/dsa-5127"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2022/dsa-5173"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

gsd-2022-28389

Vulnerability from gsd

Modified

2023-12-13 01:19

Details

mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free.

Aliases

CVE-2022-28389

Aliases

CVE-2022-28389

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2022-28389",
    "description": "mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free.",
    "id": "GSD-2022-28389",
    "references": [
      "https://www.suse.com/security/cve/CVE-2022-28389.html",
      "https://advisories.mageia.org/CVE-2022-28389.html",
      "https://alas.aws.amazon.com/cve/html/CVE-2022-28389.html",
      "https://security.archlinux.org/CVE-2022-28389",
      "https://www.debian.org/security/2022/dsa-5127",
      "https://ubuntu.com/security/CVE-2022-28389",
      "https://www.debian.org/security/2022/dsa-5173"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-28389"
      ],
      "details": "mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free.",
      "id": "GSD-2022-28389",
      "modified": "2023-12-13T01:19:34.412242Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2022-28389",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://github.com/torvalds/linux/commit/04c9b00ba83594a29813d6b1fb8fdc93a3915174",
            "refsource": "MISC",
            "url": "https://github.com/torvalds/linux/commit/04c9b00ba83594a29813d6b1fb8fdc93a3915174"
          },
          {
            "name": "FEDORA-2022-af492757d9",
            "refsource": "FEDORA",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LAWC35TO642FOP3UCA3C6IF7NAUFOVZ6/"
          },
          {
            "name": "FEDORA-2022-5cd9d787dc",
            "refsource": "FEDORA",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFMPUI3WI4U2F7ONHRW36WDY4ZE7LGGT/"
          },
          {
            "name": "FEDORA-2022-91633399ff",
            "refsource": "FEDORA",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6IHHC455LMSJNG4CSZ5CEAHYWY2DE5YW/"
          },
          {
            "name": "DSA-5127",
            "refsource": "DEBIAN",
            "url": "https://www.debian.org/security/2022/dsa-5127"
          },
          {
            "name": "https://security.netapp.com/advisory/ntap-20220513-0001/",
            "refsource": "CONFIRM",
            "url": "https://security.netapp.com/advisory/ntap-20220513-0001/"
          },
          {
            "name": "DSA-5173",
            "refsource": "DEBIAN",
            "url": "https://www.debian.org/security/2022/dsa-5173"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "5.17.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2022-28389"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-415"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/torvalds/linux/commit/04c9b00ba83594a29813d6b1fb8fdc93a3915174",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/torvalds/linux/commit/04c9b00ba83594a29813d6b1fb8fdc93a3915174"
            },
            {
              "name": "FEDORA-2022-af492757d9",
              "refsource": "FEDORA",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LAWC35TO642FOP3UCA3C6IF7NAUFOVZ6/"
            },
            {
              "name": "FEDORA-2022-5cd9d787dc",
              "refsource": "FEDORA",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFMPUI3WI4U2F7ONHRW36WDY4ZE7LGGT/"
            },
            {
              "name": "FEDORA-2022-91633399ff",
              "refsource": "FEDORA",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6IHHC455LMSJNG4CSZ5CEAHYWY2DE5YW/"
            },
            {
              "name": "DSA-5127",
              "refsource": "DEBIAN",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://www.debian.org/security/2022/dsa-5127"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20220513-0001/",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://security.netapp.com/advisory/ntap-20220513-0001/"
            },
            {
              "name": "DSA-5173",
              "refsource": "DEBIAN",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://www.debian.org/security/2022/dsa-5173"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.1,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "LOW",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2023-01-03T15:27Z",
      "publishedDate": "2022-04-03T21:15Z"
    }
  }
}

Action not permitted

CVE-2022-28389

Vulnerability from cvelistv5

wid-sec-w-2022-0163

Vulnerability from csaf_certbund

ghsa-vvr5-h9mx-r3g3

Vulnerability from github

gsd-2022-28389

Vulnerability from gsd

Tags