#VU66476 Input validation error in Linux kernel


Published: 2022-08-14

Vulnerability identifier: #VU66476

Vulnerability risk: Medium

CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2022-36946

CWE-ID: CWE-20

Exploitation vector: Network

Exploit availability: Yes

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within the nfqnl_mangle() function in net/netfilter/nfnetlink_queue.c in the Linux kernel when processing IPv6 packets. A remote attacker can send specially crafted packets to the system and perform a denial of service (DoS) attack.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Linux kernel:

External links
http://marc.info/?l=netfilter-devel&m=165883202007292&w=2

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.


Latest bulletins with this vulnerability


Multiple vulnerabilities in Red Hat OpenShift Container Platform 4.13
Red Hat Enterprise Linux 8.6 Extended Update Support update for kernel
Multiple vulnerabilities in Siemens SIMATIC MV500 Devices
Multiple vulnerabilities in Siemens Integrated SCALANCE S615 of SINAMICS Medium Voltage products
SUSE update for the Linux Kernel
Multiple vulnerabilities in IBM Spectrum Protect Plus
Multiple vulnerabilities in Siemens RUGGEDCOM and SCALANCE Products
Multiple vulnerabilities in IBM Spectrum Copy Data Management
Multiple vulnerabilities in Dell VxRail Appliance components
SUSE update for the Linux Kernel