An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.

Metrics

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

Vendors Products
Debian
  • Debian Linux
Linux
  • Linux Kernel
Netapp
  • A700s
  • A700s Firmware
  • Active Iq Unified Manager
  • Aff 500f
  • Aff 500f Firmware
  • Aff 8300
  • Aff 8300 Firmware
  • Aff 8700
  • Aff 8700 Firmware
  • Aff A250
  • Aff A250 Firmware
  • Aff A400
  • Aff A400 Firmware
  • E-series Santricity Os Controller
  • Fas 500f
  • Fas 500f Firmware
  • Fas 8300
  • Fas 8300 Firmware
  • Fas 8700
  • Fas 8700 Firmware
  • Fas A250
  • Fas A250 Firmware
  • Fas A400
  • Fas A400 Firmware
  • H300s
  • H300s Firmware
  • H410c
  • H410c Firmware
  • H410s
  • H410s Firmware
  • H500s
  • H500s Firmware
  • H610c
  • H610c Firmware
  • H610s
  • H610s Firmware
  • H615c
  • H615c Firmware
  • H700s
  • H700s Firmware
  • Hci Bootstrap Os
Redhat
  • Enterprise Linux
  • Rhel Eus
  • Rhev Hypervisor

Configuration 1 [-]

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

Configuration 3 [-]

AND
cpe:2.3:o:netapp:a700s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a700s:-:*:*:*:*:*:*:*

Configuration 4 [-]

OR cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*
cpe:2.3:o:netapp:hci_bootstrap_os:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND
cpe:2.3:o:netapp:aff_8300_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:aff_8300:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:o:netapp:fas_8300_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:fas_8300:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:o:netapp:aff_8700_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:aff_8700:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
cpe:2.3:o:netapp:fas_8700_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:fas_8700:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND
cpe:2.3:o:netapp:aff_a400_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:aff_a400:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND
cpe:2.3:o:netapp:fas_a400_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:fas_a400:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND
cpe:2.3:o:netapp:aff_a250_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:aff_a250:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND
cpe:2.3:o:netapp:fas_a250_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:fas_a250:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND
cpe:2.3:o:netapp:fas_500f_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:fas_500f:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND
cpe:2.3:o:netapp:aff_500f_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:aff_500f:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND
cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND
cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND
cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND
cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND
cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND
cpe:2.3:o:netapp:h610c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h610c:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND
cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h610s:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND
cpe:2.3:o:netapp:h615c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h615c:-:*:*:*:*:*:*:*
Package CPE Advisory Released Date
Red Hat Enterprise Linux 8
kernel-rt-0:4.18.0-477.10.1.rt7.274.el8_8 cpe:/a:redhat:enterprise_linux:8::nfv RHSA-2023:2736 2023-05-16T00:00:00Z
kernel-0:4.18.0-477.10.1.el8_8 cpe:/o:redhat:enterprise_linux:8 RHSA-2023:2951 2023-05-16T00:00:00Z
Red Hat Enterprise Linux 8.6 Extended Update Support
kernel-0:4.18.0-372.75.1.el8_6 cpe:/o:redhat:rhel_eus:8.6 RHSA-2023:5627 2023-10-10T00:00:00Z
Red Hat Enterprise Linux 9
kernel-0:5.14.0-284.11.1.el9_2 cpe:/a:redhat:enterprise_linux:9 RHSA-2023:2458 2023-05-09T00:00:00Z
kernel-rt-0:5.14.0-284.11.1.rt14.296.el9_2 cpe:/a:redhat:enterprise_linux:9::nfv RHSA-2023:2148 2023-05-09T00:00:00Z
kernel-0:5.14.0-284.11.1.el9_2 cpe:/o:redhat:enterprise_linux:9 RHSA-2023:2458 2023-05-09T00:00:00Z
Red Hat Enterprise Linux 9.0 Extended Update Support
kernel-0:5.14.0-70.85.1.el9_0 cpe:/a:redhat:rhel_eus:9.0 RHSA-2024:0432 2024-01-25T00:00:00Z
kernel-rt-0:5.14.0-70.85.1.rt21.156.el9_0 cpe:/a:redhat:rhel_eus:9.0::nfv RHSA-2024:0431 2024-01-25T00:00:00Z
Red Hat Virtualization 4 for Red Hat Enterprise Linux 8
kernel-0:4.18.0-372.75.1.el8_6 cpe:/o:redhat:rhev_hypervisor:4.4::el8 RHSA-2023:5627 2023-10-10T00:00:00Z
References
Link Providers
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=f85daf0e725358be78dfd208dea5fd665d8cb901 cve-icon cve-icon
https://github.com/torvalds/linux/commit/f85daf0e725358be78dfd208dea5fd665d8cb901 cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2022/09/msg00011.html cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2022-36879 cve-icon
https://security.netapp.com/advisory/ntap-20220901-0007/ cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2022-36879 cve-icon
https://www.debian.org/security/2022/dsa-5207 cve-icon cve-icon
History

Mon, 05 May 2025 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2022-07-27T03:27:41.000Z

Updated: 2025-05-05T16:13:47.182Z

Reserved: 2022-07-27T00:00:00.000Z

Link: CVE-2022-36879

cve-icon Vulnrichment

Updated: 2024-08-03T10:14:29.394Z

cve-icon NVD

Status : Modified

Published: 2022-07-27T04:15:10.740

Modified: 2025-05-05T16:15:17.580

Link: CVE-2022-36879

cve-icon Redhat

Severity : Moderate

Publid Date: 2022-06-02T00:00:00Z

Links: CVE-2022-36879 - Bugzilla