{"containers":{"cna":{"affected":[{"product":"kernel","vendor":"n/a","versions":[{"lessThan":"unspecified","status":"affected","version":"4.18","versionType":"custom"},{"lessThanOrEqual":"4.19","status":"affected","version":"unspecified","versionType":"custom"}]}],"descriptions":[{"lang":"en","value":"An issue was discovered in the Linux Kernel from 4.18 to 4.19, an improper update of sock reference in TCP pacing can lead to memory/netns leak, which can be used by remote clients."}],"metrics":[{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":5.9,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-911","description":"CWE-911 Improper Update of Reference Count","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2022-07-15T15:06:58.000Z","orgId":"cb8f1db9-b4b1-487b-a760-f65c4f368d8e","shortName":"Anolis"},"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://bugzilla.openanolis.cn/show_bug.cgi?id=61"},{"tags":["x_refsource_MISC"],"url":"https://lore.kernel.org/all/20200602080425.93712-1-kerneljasonxing%40gmail.com/"},{"tags":["x_refsource_MISC"],"url":"https://github.com/torvalds/linux/commit/0a70f118475e037732557796accd0878a00fc25a"},{"tags":["x_refsource_MISC"],"url":"https://gitee.com/anolis/cloud-kernel/commit/bed537da691b"},{"tags":["x_refsource_MISC"],"url":"https://anas.openanolis.cn/cves/detail/CVE-2022-1678"},{"tags":["x_refsource_MISC"],"url":"https://anas.openanolis.cn/errata/detail/ANSA-2022:0143"},{"tags":["x_refsource_CONFIRM"],"url":"https://security.netapp.com/advisory/ntap-20220715-0001/"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"security@openanolis.org","ID":"CVE-2022-1678","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"kernel","version":{"version_data":[{"version_affected":">=","version_value":"4.18"},{"version_affected":"<=","version_value":"4.19"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"An issue was discovered in the Linux Kernel from 4.18 to 4.19, an improper update of sock reference in TCP pacing can lead to memory/netns leak, which can be used by remote clients."}]},"impact":{"cvss":{"attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":5.9,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-911 Improper Update of Reference Count"}]}]},"references":{"reference_data":[{"name":"https://bugzilla.openanolis.cn/show_bug.cgi?id=61","refsource":"CONFIRM","url":"https://bugzilla.openanolis.cn/show_bug.cgi?id=61"},{"name":"https://lore.kernel.org/all/20200602080425.93712-1-kerneljasonxing@gmail.com/","refsource":"MISC","url":"https://lore.kernel.org/all/20200602080425.93712-1-kerneljasonxing@gmail.com/"},{"name":"https://github.com/torvalds/linux/commit/0a70f118475e037732557796accd0878a00fc25a","refsource":"MISC","url":"https://github.com/torvalds/linux/commit/0a70f118475e037732557796accd0878a00fc25a"},{"name":"https://gitee.com/anolis/cloud-kernel/commit/bed537da691b","refsource":"MISC","url":"https://gitee.com/anolis/cloud-kernel/commit/bed537da691b"},{"name":"https://anas.openanolis.cn/cves/detail/CVE-2022-1678","refsource":"MISC","url":"https://anas.openanolis.cn/cves/detail/CVE-2022-1678"},{"name":"https://anas.openanolis.cn/errata/detail/ANSA-2022:0143","refsource":"MISC","url":"https://anas.openanolis.cn/errata/detail/ANSA-2022:0143"},{"name":"https://security.netapp.com/advisory/ntap-20220715-0001/","refsource":"CONFIRM","url":"https://security.netapp.com/advisory/ntap-20220715-0001/"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T00:10:03.820Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://bugzilla.openanolis.cn/show_bug.cgi?id=61"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://lore.kernel.org/all/20200602080425.93712-1-kerneljasonxing%40gmail.com/"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://github.com/torvalds/linux/commit/0a70f118475e037732557796accd0878a00fc25a"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://gitee.com/anolis/cloud-kernel/commit/bed537da691b"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://anas.openanolis.cn/cves/detail/CVE-2022-1678"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://anas.openanolis.cn/errata/detail/ANSA-2022:0143"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://security.netapp.com/advisory/ntap-20220715-0001/"}]}]},"cveMetadata":{"assignerOrgId":"cb8f1db9-b4b1-487b-a760-f65c4f368d8e","assignerShortName":"Anolis","cveId":"CVE-2022-1678","datePublished":"2022-05-25T14:49:30.000Z","dateReserved":"2022-05-12T00:00:00.000Z","dateUpdated":"2024-08-03T00:10:03.820Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}