CVE-2022-0382
Description
An information leak flaw was found due to uninitialized memory in the Linux kernels TIPC protocol subsystem, in the way a user sends a TIPC datagram to one or more destinations. This flaw allows a local user to read some kernel memory. This issue is limited to no more than 7 bytes, and the user cannot control what is read. This flaw affects the Linux kernel versions prior to 5.17-rc1.
Risk Information
Base Score
5.5
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
0.05
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Linux kernel (USN-5337-1) linux-image-aws_5.13.0.1019.20_amd64.deb | Linux |
| Linux kernel (USN-5337-1) linux-image-aws_5.13.0.1022.24~20.04.15_amd64.deb | Linux |
| Linux kernel (USN-5337-1) linux-image-gcp_5.13.0.1021.19_amd64.deb | Linux |
| Linux kernel (USN-5337-1) linux-image-gke_5.13.0.1021.19_amd64.deb | Linux |
| Linux kernel (USN-5337-1) linux-image-kvm_5.13.0.1018.18_amd64.deb | Linux |
| Linux kernel (USN-5337-1) linux-image-generic_5.13.0.37.46_amd64.deb | Linux |
| Linux kernel (USN-5337-1) linux-image-virtual_5.13.0.37.46_amd64.deb | Linux |
| Linux kernel (USN-5337-1) linux-image-oem-20.04_5.13.0.37.46_amd64.deb | Linux |
| Linux kernel (USN-5337-1) linux-image-lowlatency_5.13.0.37.46_amd64.deb | Linux |
| Linux kernel (USN-5337-1) linux-image-5.13.0-1018-kvm_5.13.0-1018.19_amd64.deb | Linux |
| Linux kernel (USN-5337-1) linux-image-5.13.0-1019-aws_5.13.0-1019.21_amd64.deb | Linux |
| Linux kernel (USN-5337-1) linux-image-5.13.0-1019-aws_5.13.0-1019.21~20.04.1_amd64.deb | Linux |
| Linux kernel (USN-5337-1) linux-image-5.13.0-1021-gcp_5.13.0-1021.25_amd64.deb | Linux |
| Linux kernel (USN-5337-1) linux-image-5.13.0-37-generic_5.13.0-37.42_amd64.deb | Linux |
| Linux kernel (USN-5337-1) linux-image-5.13.0-37-generic_5.13.0-37.42~20.04.1_amd64.deb | Linux |
| Linux kernel (USN-5337-1) linux-image-generic-hwe-20.04_5.13.0.37.42~20.04.22_amd64.deb | Linux |
| Linux kernel (USN-5337-1) linux-image-virtual-hwe-20.04_5.13.0.37.42~20.04.22_amd64.deb | Linux |
| Linux kernel (USN-5337-1) linux-image-5.13.0-37-lowlatency_5.13.0-37.42_amd64.deb | Linux |
| Linux kernel (USN-5337-1) linux-image-5.13.0-37-lowlatency_5.13.0-37.42~20.04.1_amd64.deb | Linux |
| Linux kernel (USN-5337-1) linux-image-lowlatency-hwe-20.04_5.13.0.37.42~20.04.22_amd64.deb | Linux |
| Linux kernel for Microsoft Azure cloud systems (USN-5368-1) linux-image-azure_5.13.0.1021.24~20.04.10_amd64.deb | Linux |
| Linux kernel for Microsoft Azure cloud systems (USN-5368-1) linux-image-oracle_5.13.0.1025.30~20.04.1_amd64.deb | Linux |
| Linux kernel for Microsoft Azure cloud systems (USN-5368-1) linux-image-5.13.0-1021-azure_5.13.0-1021.24~20.04.1_amd64.deb | Linux |
| Linux kernel for Microsoft Azure cloud systems (USN-5368-1) linux-image-5.13.0-1025-oracle_5.13.0-1025.30~20.04.1_amd64.deb | Linux |
| Linux kernel (USN-5337-1) linux-image-5.13.0-1021-gcp_5.13.0-1021.25~20.04.1_amd64.deb | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234