CVE-2022-3633

LOW

Linux Kernel - Memory Leak

Title source: rule

Description

A vulnerability classified as problematic has been found in Linux Kernel. Affected is the function j1939_session_destroy of the file net/can/j1939/transport.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211932.

References (3)

[Mailing List, Patch, Vendor Advisory] https://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git/commit/?id=8c21c54a53ab21842f5050fa090f26b03c0313d6

[Third Party Advisory] https://vuldb.com/?ctiid.211932

[Third Party Advisory] https://vuldb.com/?id.211932

Scores

CVSS v3 3.5

EPSS 0.0013

EPSS Percentile 32.8%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Classification

CWE

CWE-401

Status published

Affected Products (2)

linux/linux_kernel

debian/debian_linux

Timeline

Published Oct 21, 2022

Tracked Since Feb 18, 2026