cvelistv5 - CVE-2022-28356

URL	Tags
cve@mitre.org	http://www.openwall.com/lists/oss-security/2022/04/06/1	Exploit, Mailing List, Third Party Advisory
cve@mitre.org	https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.1	Patch, Release Notes, Vendor Advisory
cve@mitre.org	https://github.com/torvalds/linux/commit/764f4eb6846f5475f1244767d24d25dd86528a4a	Patch, Third Party Advisory
cve@mitre.org	https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html	Mailing List, Third Party Advisory
cve@mitre.org	https://security.netapp.com/advisory/ntap-20220506-0006/	Third Party Advisory
cve@mitre.org	https://www.debian.org/security/2022/dsa-5127	Third Party Advisory
cve@mitre.org	https://www.debian.org/security/2022/dsa-5173	Third Party Advisory

▼	Vendor	Product
	n/a	n/a

wid-sec-w-2022-0163

Vulnerability from csaf_certbund

Published

2022-04-03 22:00

Modified

2024-03-20 23:00

Summary

Linux Kernel: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Der Kernel stellt den Kern des Linux Betriebssystems dar.

Angriff

Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen nicht näher spezifizierten Angriff durchzuführen oder Informationen offenzulegen.

Betroffene Betriebssysteme

- Linux

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen nicht n\u00e4her spezifizierten Angriff durchzuf\u00fchren oder Informationen offenzulegen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2022-0163 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0163.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2022-0163 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0163"
      },
      {
        "category": "external",
        "summary": "NIST Database vom 2022-04-03",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28388"
      },
      {
        "category": "external",
        "summary": "NIST Database vom 2022-04-03",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28389"
      },
      {
        "category": "external",
        "summary": "NIST Database vom 2022-04-03",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28390"
      },
      {
        "category": "external",
        "summary": "NIST Database vom 2022-04-03",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28356"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:1163-1 vom 2022-04-12",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010687.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:1183-1 vom 2022-04-13",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010701.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:1196-1 vom 2022-04-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010723.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:1197-1 vom 2022-04-14",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010731.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:1255-1 vom 2022-04-19",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010749.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:1267-1 vom 2022-04-19",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010755.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2-2022-1774 vom 2022-04-19",
        "url": "https://alas.aws.amazon.com/AL2/ALAS-2022-1774.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS-2022-1581 vom 2022-04-19",
        "url": "https://alas.aws.amazon.com/ALAS-2022-1581.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:1257-1 vom 2022-04-19",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010746.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:1256-1 vom 2022-04-19",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010751.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:1266-1 vom 2022-04-19",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010754.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.10-2022-013 vom 2022-04-20",
        "url": "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.10-2022-013.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.4-2022-025 vom 2022-04-20",
        "url": "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.4-2022-025.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-5381-1 vom 2022-04-21",
        "url": "https://ubuntu.com/security/notices/USN-5381-1"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:1402-1 vom 2022-04-26",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010835.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:1407-1 vom 2022-04-26",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010837.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-5127 vom 2022-05-02",
        "url": "https://lists.debian.org/debian-security-announce/2022/msg00095.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2-2022-1793 vom 2022-05-05",
        "url": "https://alas.aws.amazon.com/AL2/ALAS-2022-1793.html"
      },
      {
        "category": "external",
        "summary": "NetApp Security Advisory NTAP-20220506-0006 vom 2022-05-06",
        "url": "https://security.netapp.com/advisory/ntap-20220506-0006/"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-5413-1 vom 2022-05-12",
        "url": "https://ubuntu.com/security/notices/USN-5413-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-5416-1 vom 2022-05-12",
        "url": "https://ubuntu.com/security/notices/USN-5416-1"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:1686-1 vom 2022-05-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-May/011035.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:1668-1 vom 2022-05-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-May/011019.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:1676-1 vom 2022-05-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-May/011024.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:1687-1 vom 2022-05-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-May/011033.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:1669-1 vom 2022-05-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-May/011018.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-5469-1 vom 2022-06-08",
        "url": "https://ubuntu.com/security/notices/USN-5469-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-5466-1 vom 2022-06-08",
        "url": "https://ubuntu.com/security/notices/USN-5466-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-5468-1 vom 2022-06-08",
        "url": "https://ubuntu.com/security/notices/USN-5468-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-5467-1 vom 2022-06-08",
        "url": "https://ubuntu.com/security/notices/USN-5467-1"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS-2022-1591 vom 2022-06-10",
        "url": "https://alas.aws.amazon.com/ALAS-2022-1591.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:2082-1 vom 2022-06-15",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-June/011287.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:2077-1 vom 2022-06-15",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-June/011285.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-5493-1 vom 2022-06-27",
        "url": "https://ubuntu.com/security/notices/USN-5493-1"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-3065 vom 2022-07-01",
        "url": "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-5500-1 vom 2022-07-01",
        "url": "https://ubuntu.com/security/notices/USN-5500-1"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-5173 vom 2022-07-03",
        "url": "https://lists.debian.org/debian-security-announce/2022/msg00141.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2022-9533 vom 2022-07-01",
        "url": "https://linux.oracle.com/errata/ELSA-2022-9533.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2022-9534 vom 2022-07-01",
        "url": "https://linux.oracle.com/errata/ELSA-2022-9534.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-5493-2 vom 2022-07-01",
        "url": "https://ubuntu.com/security/notices/USN-5493-2"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2022-9557 vom 2022-07-05",
        "url": "https://linux.oracle.com/errata/ELSA-2022-9557.html"
      },
      {
        "category": "external",
        "summary": "ORACLE OVMSA-2022-0019 vom 2022-07-07",
        "url": "https://oss.oracle.com/pipermail/oraclevm-errata/2022-July/001055.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-5505-1 vom 2022-07-07",
        "url": "https://ubuntu.com/security/notices/USN-5505-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-5513-1 vom 2022-07-13",
        "url": "https://ubuntu.com/security/notices/USN-5513-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-5515-1 vom 2022-07-13",
        "url": "https://ubuntu.com/security/notices/USN-5515-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-5539-1 vom 2022-07-29",
        "url": "https://ubuntu.com/security/notices/USN-5539-1"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-5541-1 vom 2022-07-29",
        "url": "https://ubuntu.com/security/notices/USN-5541-1"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:2699-1 vom 2022-08-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-August/011825.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:2728-1 vom 2022-08-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-August/011840.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:2709-1 vom 2022-08-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-August/011838.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:2727-1 vom 2022-08-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-August/011841.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:2726-1 vom 2022-08-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-August/011843.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:2745-1 vom 2022-08-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-August/011889.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:2766-1 vom 2022-08-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-August/011888.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:2738-1 vom 2022-08-10",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-August/011865.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:2770-1 vom 2022-08-11",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-August/011892.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:2776-1 vom 2022-08-11",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-August/011893.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:2789-1 vom 2022-08-12",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-August/011900.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:2780-1 vom 2022-08-11",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-August/011897.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:2783-1 vom 2022-08-11",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-August/011898.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:2854-1 vom 2022-08-19",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-August/011950.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:3288-1 vom 2022-09-16",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-September/012270.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:3293-1 vom 2022-09-17",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-September/012273.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:7683 vom 2022-11-08",
        "url": "https://access.redhat.com/errata/RHSA-2022:7683"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:7444 vom 2022-11-08",
        "url": "https://access.redhat.com/errata/RHSA-2022:7444"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:8267 vom 2022-11-15",
        "url": "https://access.redhat.com/errata/RHSA-2022:8267"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:7933 vom 2022-11-15",
        "url": "https://access.redhat.com/errata/RHSA-2022:7933"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2022:8781 vom 2022-12-08",
        "url": "https://access.redhat.com/errata/RHSA-2022:8781"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2022:4617-1 vom 2022-12-23",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-December/013342.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2023:0416-1 vom 2023-02-15",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-February/013765.html"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 6963936 vom 2023-03-16",
        "url": "https://www.ibm.com/support/pages/node/6963936"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:2458 vom 2023-05-09",
        "url": "https://access.redhat.com/errata/RHSA-2023:2458"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:2148 vom 2023-05-09",
        "url": "https://access.redhat.com/errata/RHSA-2023:2148"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2023-2458 vom 2023-06-28",
        "url": "https://oss.oracle.com/pipermail/el-errata/2023-June/014226.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALASKERNEL-5.10-2023-036 vom 2023-07-13",
        "url": "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.10-2023-036.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:7077 vom 2023-11-15",
        "url": "https://access.redhat.com/errata/RHSA-2023:7077"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2023:6901 vom 2023-11-15",
        "url": "https://access.redhat.com/errata/RHSA-2023:6901"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2023-6583 vom 2024-01-18",
        "url": "https://oss.oracle.com/pipermail/el-errata/2024-January/015150.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0724 vom 2024-02-07",
        "url": "https://access.redhat.com/errata/RHSA-2024:0724"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:1404 vom 2024-03-19",
        "url": "https://access.redhat.com/errata/RHSA-2024:1404"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7144861 vom 2024-03-20",
        "url": "https://www.ibm.com/support/pages/node/7144861"
      }
    ],
    "source_lang": "en-US",
    "title": "Linux Kernel: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-03-20T23:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T17:27:00.419+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2022-0163",
      "initial_release_date": "2022-04-03T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2022-04-03T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2022-04-12T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Red Hat und SUSE aufgenommen"
        },
        {
          "date": "2022-04-13T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2022-04-18T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2022-04-19T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von SUSE und Amazon aufgenommen"
        },
        {
          "date": "2022-04-20T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2022-04-26T22:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2022-05-02T22:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2022-05-05T22:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2022-05-08T22:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von NetApp aufgenommen"
        },
        {
          "date": "2022-05-11T22:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2022-05-16T22:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2022-06-07T22:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2022-06-09T22:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2022-06-14T22:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2022-06-26T22:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2022-07-03T22:00:00.000+00:00",
          "number": "17",
          "summary": "Neue Updates von Debian, Ubuntu und Oracle Linux aufgenommen"
        },
        {
          "date": "2022-07-06T22:00:00.000+00:00",
          "number": "18",
          "summary": "Neue Updates von Oracle Linux und ORACLE aufgenommen"
        },
        {
          "date": "2022-07-13T22:00:00.000+00:00",
          "number": "19",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2022-07-28T22:00:00.000+00:00",
          "number": "20",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2022-08-08T22:00:00.000+00:00",
          "number": "21",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2022-08-09T22:00:00.000+00:00",
          "number": "22",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2022-08-10T22:00:00.000+00:00",
          "number": "23",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2022-08-11T22:00:00.000+00:00",
          "number": "24",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2022-08-21T22:00:00.000+00:00",
          "number": "25",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2022-09-18T22:00:00.000+00:00",
          "number": "26",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2022-11-08T23:00:00.000+00:00",
          "number": "27",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2022-11-15T23:00:00.000+00:00",
          "number": "28",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2022-12-07T23:00:00.000+00:00",
          "number": "29",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2022-12-26T23:00:00.000+00:00",
          "number": "30",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2023-02-15T23:00:00.000+00:00",
          "number": "31",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2023-03-16T23:00:00.000+00:00",
          "number": "32",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2023-05-09T22:00:00.000+00:00",
          "number": "33",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2023-06-28T22:00:00.000+00:00",
          "number": "34",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2023-07-13T22:00:00.000+00:00",
          "number": "35",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2023-11-14T23:00:00.000+00:00",
          "number": "36",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-01-18T23:00:00.000+00:00",
          "number": "37",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-02-07T23:00:00.000+00:00",
          "number": "38",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-03-19T23:00:00.000+00:00",
          "number": "39",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-03-20T23:00:00.000+00:00",
          "number": "40",
          "summary": "Neue Updates von IBM aufgenommen"
        }
      ],
      "status": "final",
      "version": "40"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Amazon Linux 2",
            "product": {
              "name": "Amazon Linux 2",
              "product_id": "398363",
              "product_identification_helper": {
                "cpe": "cpe:/o:amazon:linux_2:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Amazon"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "Plus 10.1",
                "product": {
                  "name": "IBM Spectrum Protect Plus 10.1",
                  "product_id": "T015895",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:spectrum_protect:plus_10.1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "10.1",
                "product": {
                  "name": "IBM Spectrum Protect 10.1",
                  "product_id": "T023657",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:spectrum_protect:10.1"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Spectrum Protect"
          }
        ],
        "category": "vendor",
        "name": "IBM"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "NetApp ActiveIQ Unified Manager",
            "product": {
              "name": "NetApp ActiveIQ Unified Manager",
              "product_id": "658714",
              "product_identification_helper": {
                "cpe": "cpe:/a:netapp:active_iq_unified_manager:-::~~~vmware_vsphere~~"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "NetApp"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c 5.17.1",
                "product": {
                  "name": "Open Source Linux Kernel \u003c 5.17.1",
                  "product_id": "6368"
                }
              }
            ],
            "category": "product_name",
            "name": "Linux Kernel"
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Oracle VM",
            "product": {
              "name": "Oracle VM",
              "product_id": "T011119",
              "product_identification_helper": {
                "cpe": "cpe:/a:oracle:vm:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Red Hat OpenShift",
            "product": {
              "name": "Red Hat OpenShift",
              "product_id": "T008027",
              "product_identification_helper": {
                "cpe": "cpe:/a:redhat:openshift:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-28388",
      "notes": [
        {
          "category": "description",
          "text": "Es existieren mehrere Schwachstellen im Linux Kernel, die auf einen Double-Free-Fehler zur\u00fcckzuf\u00fchren sind. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T011119",
          "T008027",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T023657",
          "398363",
          "658714",
          "T015895",
          "T004914"
        ]
      },
      "release_date": "2022-04-03T22:00:00.000+00:00",
      "title": "CVE-2022-28388"
    },
    {
      "cve": "CVE-2022-28389",
      "notes": [
        {
          "category": "description",
          "text": "Es existieren mehrere Schwachstellen im Linux Kernel, die auf einen Double-Free-Fehler zur\u00fcckzuf\u00fchren sind. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T011119",
          "T008027",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T023657",
          "398363",
          "658714",
          "T015895",
          "T004914"
        ]
      },
      "release_date": "2022-04-03T22:00:00.000+00:00",
      "title": "CVE-2022-28389"
    },
    {
      "cve": "CVE-2022-28390",
      "notes": [
        {
          "category": "description",
          "text": "Es existieren mehrere Schwachstellen im Linux Kernel, die auf einen Double-Free-Fehler zur\u00fcckzuf\u00fchren sind. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T011119",
          "T008027",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T023657",
          "398363",
          "658714",
          "T015895",
          "T004914"
        ]
      },
      "release_date": "2022-04-03T22:00:00.000+00:00",
      "title": "CVE-2022-28390"
    },
    {
      "cve": "CVE-2022-28356",
      "notes": [
        {
          "category": "description",
          "text": "Im Linux Kernel existiert eine Schwachstelle in der Komponente \"net/llc/af_llc.c\". Dabei werden Informationen \u00fcber den \"Refcount\" offengelegt. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um Informationen offenzulegen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T011119",
          "T008027",
          "2951",
          "T002207",
          "67646",
          "T000126",
          "T023657",
          "398363",
          "658714",
          "T015895",
          "T004914"
        ]
      },
      "release_date": "2022-04-03T22:00:00.000+00:00",
      "title": "CVE-2022-28356"
    }
  ]
}

gsd-2022-28356

Vulnerability from gsd

Modified

2023-12-13 01:19

Details

In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c.

Aliases

CVE-2022-28356

Aliases

CVE-2022-28356

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2022-28356",
    "description": "In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c.",
    "id": "GSD-2022-28356",
    "references": [
      "https://security.archlinux.org/CVE-2022-28356",
      "https://advisories.mageia.org/CVE-2022-28356.html",
      "https://www.suse.com/security/cve/CVE-2022-28356.html",
      "https://ubuntu.com/security/CVE-2022-28356",
      "https://alas.aws.amazon.com/cve/html/CVE-2022-28356.html",
      "https://www.debian.org/security/2022/dsa-5127",
      "https://www.debian.org/security/2022/dsa-5173"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-28356"
      ],
      "details": "In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c.",
      "id": "GSD-2022-28356",
      "modified": "2023-12-13T01:19:34.558425Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2022-28356",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://github.com/torvalds/linux/commit/764f4eb6846f5475f1244767d24d25dd86528a4a",
            "refsource": "MISC",
            "url": "https://github.com/torvalds/linux/commit/764f4eb6846f5475f1244767d24d25dd86528a4a"
          },
          {
            "name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.1",
            "refsource": "MISC",
            "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.1"
          },
          {
            "name": "[oss-security] 20220406 CVE-2022-28356: Linux kernel: refcount leak in llc_ui_bind and llc_ui_autobind",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2022/04/06/1"
          },
          {
            "name": "DSA-5127",
            "refsource": "DEBIAN",
            "url": "https://www.debian.org/security/2022/dsa-5127"
          },
          {
            "name": "https://security.netapp.com/advisory/ntap-20220506-0006/",
            "refsource": "CONFIRM",
            "url": "https://security.netapp.com/advisory/ntap-20220506-0006/"
          },
          {
            "name": "[debian-lts-announce] 20220701 [SECURITY] [DLA 3065-1] linux security update",
            "refsource": "MLIST",
            "url": "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html"
          },
          {
            "name": "DSA-5173",
            "refsource": "DEBIAN",
            "url": "https://www.debian.org/security/2022/dsa-5173"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "5.17.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2022-28356"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/torvalds/linux/commit/764f4eb6846f5475f1244767d24d25dd86528a4a",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/torvalds/linux/commit/764f4eb6846f5475f1244767d24d25dd86528a4a"
            },
            {
              "name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.1",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Release Notes",
                "Vendor Advisory"
              ],
              "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.1"
            },
            {
              "name": "[oss-security] 20220406 CVE-2022-28356: Linux kernel: refcount leak in llc_ui_bind and llc_ui_autobind",
              "refsource": "MLIST",
              "tags": [
                "Exploit",
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2022/04/06/1"
            },
            {
              "name": "DSA-5127",
              "refsource": "DEBIAN",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://www.debian.org/security/2022/dsa-5127"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20220506-0006/",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://security.netapp.com/advisory/ntap-20220506-0006/"
            },
            {
              "name": "[debian-lts-announce] 20220701 [SECURITY] [DLA 3065-1] linux security update",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html"
            },
            {
              "name": "DSA-5173",
              "refsource": "DEBIAN",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://www.debian.org/security/2022/dsa-5173"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.1,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "LOW",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2023-02-03T23:59Z",
      "publishedDate": "2022-04-02T21:15Z"
    }
  }
}

ghsa-x652-hrc4-qr9w

Vulnerability from github

Published

2022-04-03 00:00

Modified

2022-04-10 00:01

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2022-28356"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-04-02T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c.",
  "id": "GHSA-x652-hrc4-qr9w",
  "modified": "2022-04-10T00:01:04Z",
  "published": "2022-04-03T00:00:57Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-28356"
    },
    {
      "type": "WEB",
      "url": "https://github.com/torvalds/linux/commit/764f4eb6846f5475f1244767d24d25dd86528a4a"
    },
    {
      "type": "WEB",
      "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.1"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20220506-0006"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2022/dsa-5127"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2022/dsa-5173"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2022/04/06/1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Action not permitted

CVE-2022-28356

Vulnerability from cvelistv5

wid-sec-w-2022-0163

Vulnerability from csaf_certbund

gsd-2022-28356

Vulnerability from gsd

ghsa-x652-hrc4-qr9w

Vulnerability from github

Tags