CVE-2022-3707 — Vulnetix

CVE-2022-3707 PUBLISHED CVSS 8.699999809265137 HIGH

Es existiert eine Schwachstelle im Linux Kernel. Diese ist auf einen Double-Free-Fehler zurückzuführen, welcher in der Funktion "intel_gvt_dma_map_guest_page" auftritt. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuführen.

EPSS 0.01% · 2.7th percentile

Risk Scores

CVSS 4.0

8.699999809265137

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

EPSS Score

0.01%

2.7th percentile

Affected Products

Vendor	Product	Versions
Juniper	Juniper JUNOS ACX7100-32C
SUSE	SUSE Linux
Juniper	Juniper EX Series
Juniper	Juniper SRX Series
Red Hat	Red Hat Enterprise Linux
Ubuntu	Ubuntu Linux
Juniper	Juniper JUNOS PTX Series
Juniper	Juniper JUNOS ACX7100-48L
Oracle	Oracle Linux
Juniper	Juniper JUNOS Evolved
Juniper	Juniper JUNOS
Juniper	Juniper EX Series EX9200
Juniper	Juniper QFX Series 5000
Juniper	Juniper MX Series
Juniper	Juniper EX Series 4100
Open Source	Open Source Linux Kernel
Juniper	Juniper EX Series 4600
Juniper	Juniper Junos Space <24.1R2
Debian	Debian Linux
Juniper	Juniper EX Series 4400

…and 1 more

Exploit Intelligence

Simplified Version of Cryptography Attack based on Birthday Paradox: Sweet32 (CVE-2016-2183) (github-poc)
Simplified Version of Cryptography Attack based on Birthday Paradox: Sweet32 (CVE-2016-2183) (github-poc)
Simplified Version of Cryptography Attack based on Birthday Paradox: Sweet32 (CVE-2016-2183) (github-poc)
Simplified Version of Cryptography Attack based on Birthday Paradox: Sweet32 (CVE-2016-2183) (github-poc)
Simplified Version of Cryptography Attack based on Birthday Paradox: Sweet32 (CVE-2016-2183) (github-poc)
EXPL_Log4j_CVE_2021_44228_Dec21_Hard_RID31D9.yar (github-yara)
EXPL_Log4j_CVE_2021_44228_Dec21_Hard_RID31D9.yar (github-yara)
EXPL_Log4j_CVE_2021_44228_Dec21_Hard_RID31D9.yar (github-yara)
EXPL_Log4j_CVE_2021_44228_Dec21_Hard_RID31D9.yar (github-yara)
EXPL_Log4j_CVE_2021_44228_Dec21_Hard_RID31D9.yar (github-yara)

…and 150 more exploits

Timeline

Jun 28, 2021 PoC Published
Dec 11, 2021 PoC Published
Dec 13, 2021 PoC Published
Jun 7, 2022 PoC Published
Sep 16, 2022 PoC Published
Oct 26, 2022 CVE Published
Mar 7, 2023 EPSS Score
Apr 15, 2023 EPSS Score
May 24, 2023 EPSS Score
Jul 2, 2023 EPSS Score
Aug 10, 2023 EPSS Score
Sep 18, 2023 EPSS Score

References

https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0064.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0064 advisory
https://supportportal.juniper.net/JSA11272 advisory
https://supportportal.juniper.net/JSA75233 advisory
https://supportportal.juniper.net/JSA75721 advisory
https://supportportal.juniper.net/JSA75723 advisory
https://supportportal.juniper.net/JSA75725 advisory
https://supportportal.juniper.net/JSA75727 advisory
https://supportportal.juniper.net/JSA75729 advisory
https://supportportal.juniper.net/JSA75730 advisory
https://supportportal.juniper.net/JSA75733 advisory
https://supportportal.juniper.net/JSA75734 advisory
https://supportportal.juniper.net/JSA75735 advisory
https://supportportal.juniper.net/JSA75736 advisory
https://supportportal.juniper.net/JSA75737 advisory
https://supportportal.juniper.net/JSA75738 advisory
https://supportportal.juniper.net/JSA75740 advisory
https://supportportal.juniper.net/JSA75741 advisory
https://supportportal.juniper.net/JSA75742 advisory
https://supportportal.juniper.net/JSA75743 advisory

…and 48 more

Open in Interactive Console →