CVE-2022-4128

A NULL pointer dereference issue was discovered in the Linux kernel in the MPTCP protocol when traversing the subflow list at disconnect time. A local user could use this flaw to potentially crash the system causing a denial of service.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/torvalds/linux/commit/5c835bb142d4	Patch Vendor Advisory
https://lore.kernel.org/netdev/20220708233610.410786-2-mathew.j.martineau%40linux.intel.com/	Patch Vendor Advisory
https://github.com/torvalds/linux/commit/5c835bb142d4	Patch Vendor Advisory
https://lore.kernel.org/netdev/20220708233610.410786-2-mathew.j.martineau%40linux.intel.com/	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:5.19:rc1::::::
	cpe:2.3:o:linux:linux_kernel:5.19:rc2::::::
	cpe:2.3:o:linux:linux_kernel:5.19:rc3::::::
	cpe:2.3:o:linux:linux_kernel:5.19:rc4::::::
	cpe:2.3:o:linux:linux_kernel:5.19:rc5::::::
	cpe:2.3:o:linux:linux_kernel:5.19:rc6::::::

History

No history.

Information

Published : 2022-11-28 22:15

Updated : 2025-06-25 20:57

NVD link : CVE-2022-4128

Mitre link : CVE-2022-4128

CVE.ORG link : CVE-2022-4128

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-476

NULL Pointer Dereference

{"id": "CVE-2022-4128", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2022-11-28T22:15:11.117", "references": [{"url": "https://github.com/torvalds/linux/commit/5c835bb142d4", "tags": ["Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://lore.kernel.org/netdev/20220708233610.410786-2-mathew.j.martineau%40linux.intel.com/", "tags": ["Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://github.com/torvalds/linux/commit/5c835bb142d4", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lore.kernel.org/netdev/20220708233610.410786-2-mathew.j.martineau%40linux.intel.com/", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-476"}]}], "descriptions": [{"lang": "en", "value": "A NULL pointer dereference issue was discovered in the Linux kernel in the MPTCP protocol when traversing the subflow list at disconnect time. A local user could use this flaw to potentially crash the system causing a denial of service."}, {"lang": "es", "value": "Se descubri\u00f3 un problema de desreferencia de puntero NULL en el kernel de Linux en el protocolo MPTCP al atravesar la lista de subflujo en el momento de la desconexi\u00f3n. Un usuario local podr\u00eda utilizar esta falla para bloquear potencialmente el sistema y provocar una Denegaci\u00f3n de Servicio (DoS)."}], "lastModified": "2025-06-25T20:57:22.500", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6521F7AB-7512-4630-A607-5010A8253592", "versionEndIncluding": "5.18", "versionStartIncluding": "5.17"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.19:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A8C30C2D-F82D-4D37-AB48-D76ABFBD5377"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.19:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BF8547FC-C849-4F1B-804B-A93AE2F04A92"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.19:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3068028-F453-4A1C-B80F-3F5609ACEF60"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.19:rc4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2E9C0DB0-D349-489F-A3D6-B77214E93A8A"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.19:rc5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1A0DE3B7-0FFB-45AA-9BD6-19870CA7C6FD"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.19:rc6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "00AE778B-BAEE-49EB-9F84-003B73D7862A"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}