CVE Vulnerabilities

CVE-2022-38767

Published: Nov 25, 2022 | Modified: Apr 25, 2025
CVSS 3.x
7.5
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
root.io minimus.io echohq.com

An issue was discovered in Wind River VxWorks 6.9 and 7, that allows a specifically crafted packet sent by a Radius server, may cause Denial of Service during the IP Radius access procedure.

Affected Software

Name Vendor Start Version End Version
Vxworks Windriver 6.9 (including) 6.9.4.12 (excluding)
Vxworks Windriver 6.9.4.12 (including) 6.9.4.12 (including)
Vxworks Windriver 6.9.4.12-rolling_cumulative_patch_layer1 (including) 6.9.4.12-rolling_cumulative_patch_layer1 (including)
Vxworks Windriver 6.9.4.12-rolling_cumulative_patch_layer2 (including) 6.9.4.12-rolling_cumulative_patch_layer2 (including)
Vxworks Windriver 6.9.4.12-rolling_cumulative_patch_layer3 (including) 6.9.4.12-rolling_cumulative_patch_layer3 (including)
Vxworks Windriver 6.9.4.12-rolling_cumulative_patch_layer4 (including) 6.9.4.12-rolling_cumulative_patch_layer4 (including)
Vxworks Windriver 6.9.4.12-rolling_cumulative_patch_layer5 (including) 6.9.4.12-rolling_cumulative_patch_layer5 (including)
Vxworks Windriver 7.0 (including) 7.0 (including)

References