Vulnerabilities > CVE-2022-0435 - Out-of-bounds Write vulnerability in multiple products
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate their privileges if they have access to the TIPC network.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- https://bugzilla.redhat.com/show_bug.cgi?id=2048738
- https://bugzilla.redhat.com/show_bug.cgi?id=2048738
- https://security.netapp.com/advisory/ntap-20220602-0001/
- https://security.netapp.com/advisory/ntap-20220602-0001/
- https://www.openwall.com/lists/oss-security/2022/02/10/1
- https://www.openwall.com/lists/oss-security/2022/02/10/1