Severity

High

Analysis Summary

CVE-2022-0435

Linux Kernel is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the Transparent Inter Process Communication (TIPC) module. By sending a specially-crafted domain record containing an arbitrary payload, a remote attacker could overflow a buffer and execute arbitrary code or cause a denial of service condition on the system.

Impact

• Buffer Overflow

Indicators of Compromise

CVE

• CVE-2022-0435

Affected Vendors

Linux

Affected Products

• Linux Kernel 4.9
• Linux Kernel 4.10
• Linux Kernel 4.8.0
• Linux Kernel 4.11

Remediation

Refer to Linux Kernel GIT Repository for patch, upgrade or suggested workaround information