CVE-2022-0286
MEDIUMLinux Kernel - Denial of Service via Null Pointer Dereference in bond_ipsec_add_sa()
Title source: llmDescription
A flaw was found in the Linux kernel. A null pointer dereference in bond_ipsec_add_sa() may lead to local denial of service.
References (3)
Core 3
Core References
Exploit, Mailing List, Patch, Vendor Advisory x_refsource_misc
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=105cd17a866017b45f3c45901b394c711c97bf40
Exploit, Mailing List, Third Party Advisory x_refsource_misc
https://syzkaller.appspot.com/bug?id=160f641886d88bf11cbf1236cc4db994bb210626
Patch, Third Party Advisory x_refsource_misc
https://www.oracle.com/security-alerts/cpujul2022.html
Scores
CVSS v3
5.5
EPSS
0.0008
EPSS Percentile
24.2%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-476
Status
published
Products (4)
linux/linux_kernel
oracle/communications_cloud_native_core_binding_support_function
22.1.3
oracle/communications_cloud_native_core_network_exposure_function
22.1.1
oracle/communications_cloud_native_core_policy
22.2.0
Published
Jan 31, 2022
Tracked Since
Feb 18, 2026