CVE-2022-3595
LOWLinux Kernel < 6.1 - Use-After-Free in CIFS Handler sess_free_buffer
Title source: llmDescription
A vulnerability was found in Linux Kernel. It has been rated as problematic. Affected by this issue is the function sess_free_buffer of the file fs/cifs/sess.c of the component CIFS Handler. The manipulation leads to double free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211364.
References (2)
Core 2
Core References
Mailing List, Patch, Vendor Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=b854b4ee66437e6e1622fda90529c814978cb4ca
Third Party Advisory, VDB Entry
https://vuldb.com/?id.211364
Scores
CVSS v3
3.5
EPSS
0.0027
EPSS Percentile
18.9%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-119
CWE-415
Status
published
Products (1)
linux/linux_kernel
< 6.1
Published
Oct 18, 2022
Tracked Since
Feb 18, 2026