CVE-2022-0742

CRITICAL

Linux Kernel 5.13+ - DoS

Title source: llm

Description

Memory leak in icmp6 implementation in Linux Kernel 5.13+ allows a remote attacker to DoS a host by making it go out-of-memory via icmp6 packets of type 130 or 131. We recommend upgrading past commit 2d3916f3189172d5c69d33065c3c21119fe539fc.

References (3)

[Patch, Vendor Advisory] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2d3916f3189172d5c69d33065c3c21119fe539fc

[Third Party Advisory] https://security.netapp.com/advisory/ntap-20220425-0001/

[Mailing List, Third Party Advisory] https://www.openwall.com/lists/oss-security/2022/03/15/3

Scores

CVSS v3 9.1

EPSS 0.0221

EPSS Percentile 84.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Classification

CWE

CWE-401 CWE-275

Status published

Affected Products (20)

linux/linux_kernel < 5.15.27

linux/linux_kernel

netapp/a400_firmware

netapp/aff_8300_firmware

netapp/aff_8700_firmware

netapp/fas_8300_firmware

netapp/fas_8700_firmware

netapp/h300e_firmware

netapp/h300s_firmware

netapp/h410c_firmware

... and 5 more

Timeline

Published Mar 18, 2022

Tracked Since Feb 18, 2026