CVE-2022-3521

low-risk
Published 2022-10-16

A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function kcm_tx_work of the file net/kcm/kcmsock.c of the component kcm. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VDB-211018 is the identifier assigned to this vulnerability.

Do I need to act?

-
0.02% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
2
CVSS 2.6/10 Low
ADJACENT_NETWORK / HIGH complexity

Affected Products (5)

Affected Vendors

Debian Linux

References (8)

Mailing List https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ec...
Mailing List https://lists.debian.org/debian-lts-announce/2022/12/msg00031.html
Mailing List https://lists.debian.org/debian-lts-announce/2022/12/msg00034.html
Permissions Required https://vuldb.com/?id.211018
Mailing List https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ec...
Mailing List https://lists.debian.org/debian-lts-announce/2022/12/msg00031.html
Mailing List https://lists.debian.org/debian-lts-announce/2022/12/msg00034.html
Permissions Required https://vuldb.com/?id.211018
19
/ 100
low-risk
Severity 7/34 · Low
Exploitability 0/34 · Minimal
Exposure 12/34 · Low