Vulnerabilities > CVE-2022-4128 - NULL Pointer Dereference vulnerability in Linux Mptcp Protocol

047910
CVSS 5.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
local
low complexity
linux
CWE-476

Summary

A NULL pointer dereference issue was discovered in the Linux kernel in the MPTCP protocol when traversing the subflow list at disconnect time. A local user could use this flaw to potentially crash the system causing a denial of service.

Vulnerable Configurations

Part Description Count
OS
Linux
1

Common Weakness Enumeration (CWE)