CVE-2022-0742
CRITICALLinux Kernel 5.13+ - Denial of Service via ICMPv6 Type 130/131 Packet Memory Leak
Title source: llmDescription
Memory leak in icmp6 implementation in Linux Kernel 5.13+ allows a remote attacker to DoS a host by making it go out-of-memory via icmp6 packets of type 130 or 131. We recommend upgrading past commit 2d3916f3189172d5c69d33065c3c21119fe539fc.
References (3)
Core 3
Core References
Mailing List, Third Party Advisory x_refsource_misc
https://www.openwall.com/lists/oss-security/2022/03/15/3
Patch, Vendor Advisory x_refsource_misc
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2d3916f3189172d5c69d33065c3c21119fe539fc
Third Party Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20220425-0001/
Scores
CVSS v3
9.1
EPSS
0.0221
EPSS Percentile
84.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-401
CWE-275
Status
published
Products (15)
linux/linux_kernel
5.17 rc1 (6 CPE variants)
linux/linux_kernel
5.13 - 5.15.27
netapp/a400_firmware
netapp/aff_8300_firmware
netapp/aff_8700_firmware
netapp/fas_8300_firmware
netapp/fas_8700_firmware
netapp/h300e_firmware
netapp/h300s_firmware
netapp/h410c_firmware
... and 5 more
Published
Mar 18, 2022
Tracked Since
Feb 18, 2026