Reset Search
 

 

Article

SA45609 - OpenSSL Security Advisory CVE-2022-2588

« Go Back

Information

 
Product Affected
Problem
A vulnerability has been reported under https://ubuntu.com/security/CVE-2022-2588

Description:
It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0.
The network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code.
 
Solution
Ivanti(Pulse Products) are not vulnerable to CVE-2022-2588
 
Workaround
Implementation
Related Links
CVSS Score6.9 Medium CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:N
Risk Assessment
Acknowledgements
Alert Type 
Risk Level 
Attachment 1 
Attachment 2 
Legacy ID

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255