SB20240620200 - Input validation error in Linux kernel tipc
Published: June 20, 2024 Updated: May 13, 2025
Security Bulletin ID
SB20240620200
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Input validation error (CVE-ID: CVE-2022-48711)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the tipc_mon_rcv() function in net/tipc/monitor.c, within the tipc_link_proto_rcv() function in net/tipc/link.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/175db196e45d6f0e6047eccd09c8ba55465eb131
- https://git.kernel.org/stable/c/fde4ddeadd099bf9fbb9ccbee8e1b5c20d530a2d
- https://git.kernel.org/stable/c/f1af11edd08dd8376f7a84487cbb0ea8203e3a1d
- https://git.kernel.org/stable/c/d692e3406e052dbf9f6d9da0cba36cb763272529
- https://git.kernel.org/stable/c/3c7e5943553594f68bbc070683db6bb6f6e9e78e
- https://git.kernel.org/stable/c/1f1788616157b0222b0c2153828b475d95e374a7
- https://git.kernel.org/stable/c/59ff7514f8c56f166aadca49bcecfa028e0ad50f
- https://git.kernel.org/stable/c/9aa422ad326634b76309e8ff342c246800621216
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.266
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.229
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.301
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.100
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.23
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.9
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.179