CVE-2022-0742

Description

Memory leak in icmp6 implementation in Linux Kernel 5.13+ allows a remote attacker to DoS a host by making it go out-of-memory via icmp6 packets of type 130 or 131. We recommend upgrading past commit 2d3916f3189172d5c69d33065c3c21119fe539fc.

CVSS Metrics

• v3.1•CRITICAL•Score: 9.1CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
• v3.1•HIGH•Score: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
• v2.0•HIGH•Score: 7.8AV:N/AC:L/Au:N/C:N/I:N/A:C

EPSS Trends

Current EPSS score: 2.21%• Percentile: 85%

Techniques & Countermeasures

• CWE-275•Permission Issues

  Weaknesses in this category are related to improper assignment or handling of permissions.

• CWE-401•Missing Release of Memory after Effective Lifetime

  The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

Affected Systems

• Unknown•Kernel

  ≥ unspecified, ≤ 5.13

• linux•linux_kernel

  ≥ 5.13, < 5.15.27 | ≥ 5.16, < 5.16.13 | 5.17:rc1 | 5.17:rc2 | 5.17:rc3 | 5.17:rc4 | 5.17:rc5 | 5.17:rc6

• netapp•a400_firmware

  na

• netapp•aff_8300_firmware

  na

• netapp•aff_8700_firmware

  na

• netapp•fas_8300_firmware

  na

• netapp•fas_8700_firmware

  na

• netapp•h300e

  na

• netapp•h300s_firmware

  na

• netapp•h410c_firmware

  na

• netapp•h410s_firmware

  na

• netapp•h500e

  na

• netapp•h500s_firmware

  na

• netapp•h700e

  na

• netapp•h700s_firmware

  na

References (3)

• https://www.openwall.com/lists/oss-security/2022/03/15/3
• https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2d3916f3189172d5c69d33065c3c21119fe539fc
• https://security.netapp.com/advisory/ntap-20220425-0001/