High severity7.8NVD Advisory· Published Jan 12, 2023· Updated Jun 17, 2026
CVE-2022-3977
CVE-2022-3977
Description
A use-after-free flaw was found in the Linux kernel MCTP (Management Component Transport Protocol) functionality. This issue occurs when a user simultaneously calls DROPTAG ioctl and socket close happens, which could allow a local user to crash the system or potentially escalate their privileges on the system.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
2- git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/nvdMailing ListPatchVendor Advisory
- security.netapp.com/advisory/ntap-20230223-0005/nvdThird Party Advisory
News mentions
0No linked articles in our index yet.