6.5 CVE-2022-3551
A vulnerability, which was classified as problematic, has been found in X.org Server. Affected by this issue is the function ProcXkbGetKbdByName of the file xkb/xkb.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211052.
https://nvd.nist.gov/vuln/detail/CVE-2022-3551
Categories
CWE-404 : Improper Resource Shutdown or Release
When a resource is created or allocated, the developer is responsible for properly releasing the resource as well as accounting for all potential paths of expiration or invalidation, such as a set period of time or revocation.
CWE-401 : Missing Release of Memory after Effective Lifetime
This is often triggered by improper handling of malformed data or unexpectedly interrupted sessions. In some languages, developers are responsible for tracking memory allocation and releasing the memory. If there are no more pointers or references to the memory, then it can no longer be tracked and identified for release.
References
DEBIAN
FEDORA
N/A Patch
N/A
Third Party Advisory VDB Entry |
N/A
Mailing List Patch Vendor Advisory |
_MLIST
CPE
| cpe |
start |
end |
| Configuration 1 |
| cpe:2.3:a:x.org:x_server:-:*:*:*:*:*:*:* |
|
|
| Configuration 2 |
| cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* |
|
|
| cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* |
|
|
| Configuration 3 |
| cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:* |
|
|
| cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:* |
|
|
| cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:* |
|
|
Patch
Exploits
Exploit-db.com
| id |
description |
date |
|
| No known exploits |
Other (github, ...)
CAPEC
| id |
description |
severity |
| 131 |
Resource Leak Exposure
An adversary utilizes a resource leak on the target to deplete the quantity of the resource available to service legitimate requests. |
Medium |
| 666 |
BlueSmacking
An adversary uses Bluetooth flooding to transfer large packets to Bluetooth enabled devices over the L2CAP protocol with the goal of creating a DoS. This attack must be carried out within close proximity to a Bluetooth enabled device. [Scan for Bluetooth Enabled Devices] Using BlueZ along with an antenna, an adversary searches for devices with Bluetooth on. [Change L2CAP Packet Length] The adversary must change the L2CAP packet length to create packets that will overwhelm a Bluetooth enabled device. [Flood] An adversary sends the packets to the target device, and floods it until performance is degraded. |
Medium |
| 125 |
Flooding
An adversary consumes the resources of a target by rapidly engaging in a large number of interactions with the target. This type of attack generally exposes a weakness in rate limiting or flow. When successful this attack prevents legitimate users from accessing the service and can cause the target to crash. This attack differs from resource depletion through leaks or allocations in that the latter attacks do not rely on the volume of requests made to the target but instead focus on manipulation of the target's operations. The key factor in a flooding attack is the number of requests the adversary can make in a given period of time. The greater this number, the more likely an attack is to succeed against a given target. |
Medium |
| 130 |
Excessive Allocation
An adversary causes the target to allocate excessive resources to servicing the attackers' request, thereby reducing the resources available for legitimate services and degrading or denying services. Usually, this attack focuses on memory allocation, but any finite resource on the target could be the attacked, including bandwidth, processing cycles, or other resources. This attack does not attempt to force this allocation through a large number of requests (that would be Resource Depletion through Flooding) but instead uses one or a small number of requests that are carefully formatted to force the target to allocate excessive resources to service this request(s). Often this attack takes advantage of a bug in the target to cause the target to allocate resources vastly beyond what would be needed for a normal request. |
Medium |
| 494 |
TCP Fragmentation
An adversary may execute a TCP Fragmentation attack against a target with the intention of avoiding filtering rules of network controls, by attempting to fragment the TCP packet such that the headers flag field is pushed into the second fragment which typically is not filtered. |
|
| 495 |
UDP Fragmentation
An attacker may execute a UDP Fragmentation attack against a target server in an attempt to consume resources such as bandwidth and CPU. IP fragmentation occurs when an IP datagram is larger than the MTU of the route the datagram has to traverse. Typically the attacker will use large UDP packets over 1500 bytes of data which forces fragmentation as ethernet MTU is 1500 bytes. This attack is a variation on a typical UDP flood but it enables more network bandwidth to be consumed with fewer packets. Additionally it has the potential to consume server CPU resources and fill memory buffers associated with the processing and reassembling of fragmented packets. |
|
| 496 |
ICMP Fragmentation
An attacker may execute a ICMP Fragmentation attack against a target with the intention of consuming resources or causing a crash. The attacker crafts a large number of identical fragmented IP packets containing a portion of a fragmented ICMP message. The attacker these sends these messages to a target host which causes the host to become non-responsive. Another vector may be sending a fragmented ICMP message to a target host with incorrect sizes in the header which causes the host to hang. |
|
Sherlock® flash
Take a picture of your computer network in a few clicks !
The Sherlock® flash audit solution allows you to perform an audit to strengthen the security of your IT assets. Vulnerability analysis of your physical and virtual equipment. Patch planning by priority level and time available. Detailed and intuitive reporting.
Discover this offer
