Vulnerabilities > CVE-2022-33743
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP (eXpress Data Path), a code label was moved in a way allowing for SKBs having references (pointers) retained for further processing to nevertheless be freed.
Vulnerable Configurations
References
- http://www.openwall.com/lists/oss-security/2022/07/05/5
- http://www.openwall.com/lists/oss-security/2022/07/05/5
- http://xenbits.xen.org/xsa/advisory-405.html
- http://xenbits.xen.org/xsa/advisory-405.html
- https://www.debian.org/security/2022/dsa-5191
- https://www.debian.org/security/2022/dsa-5191
- https://xenbits.xenproject.org/xsa/advisory-405.txt
- https://xenbits.xenproject.org/xsa/advisory-405.txt