CVE-2022-3629

LOW

Linux Kernel - Memory Leak

Title source: rule

Description

A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of the file net/vmw_vsock/af_vsock.c. The manipulation leads to memory leak. The complexity of an attack is rather high. The exploitation appears to be difficult. It is recommended to apply a patch to fix this issue. VDB-211930 is the identifier assigned to this vulnerability.

References (3)

[Mailing List, Patch, Vendor Advisory] https://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=7e97cfed9929eaabc41829c395eb0d1350fccb9d

[Third Party Advisory] https://vuldb.com/?ctiid.211930

[Third Party Advisory] https://vuldb.com/?id.211930

Scores

CVSS v3 2.6

EPSS 0.0006

EPSS Percentile 18.6%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L

Classification

CWE

CWE-401

Status published

Affected Products (2)

linux/linux_kernel

debian/debian_linux

Timeline

Published Oct 21, 2022

Tracked Since Feb 18, 2026