Updated: 2026-02-27 01:47:25.973347
Description:
An issue was discovered in the Linux kernel before 5.16.12. drivers/net/usb/sr9700.c allows attackers to obtain sensitive information from heap memory via crafted frame lengths from a device.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | LOW | 2.1 |
| CVSS Version 3.x | MEDIUM | 5.5 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| AlmaLinux 9.2 ESU | kernel | 5.14.0 | 5.5 | MEDIUM | Ignored | 2023-11-21 04:12:19 | This flaw is confined to the sr9700 USB‑to‑Ethernet driver and is only reachable if a CoreChip S... | |
| CentOS 6 ELS | kernel | 2.6.32 | 5.5 | MEDIUM | Ignored | 2022-04-27 16:14:03 | Ignored due to low severity | |
| CentOS 7 ELS | kernel | 3.10.0 | 5.5 | MEDIUM | Ignored | 2023-09-19 09:30:02 | Ignored due to low severity | |
| CentOS 8.4 ELS | kernel | 4.18.0 | 5.5 | MEDIUM | Ignored | 2022-04-27 16:14:04 | Ignored due to low severity | |
| CentOS 8.5 ELS | kernel | 4.18.0 | 5.5 | MEDIUM | Ignored | 2022-04-27 16:14:04 | Ignored due to low severity | |
| CloudLinux 6 ELS | kernel | 2.6.32 | 5.5 | MEDIUM | Ignored | 2022-04-27 16:14:04 | Ignored due to low severity | |
| Oracle Linux 6 ELS | kernel | 2.6.32 | 5.5 | MEDIUM | Ignored | 2022-11-30 10:07:14 | Ignored due to low severity | |
| Ubuntu 16.04 ELS | linux-hwe | 4.15.0 | 5.5 | MEDIUM | Ignored | 2022-09-28 08:02:34 | Ignored due to low severity | |
| Ubuntu 16.04 ELS | linux | 4.4.0 | 5.5 | MEDIUM | Released | CLSA-2023:1684277390 | 2023-05-16 21:27:34 | Ignored due to low severity |
| Ubuntu 18.04 ELS | linux | 4.15.0 | 5.5 | MEDIUM | Ignored | 2023-03-02 04:04:04 | Ignored due to low severity |