CVE-2022-26966: 
Linux Kernel vulnerability analysis and mitigation

A vulnerability (CVE-2022-26966) was discovered in the Linux kernel before version 5.16.12. The vulnerability exists in the drivers/net/usb/sr9700.c file, which allows attackers to obtain sensitive information from heap memory via crafted frame lengths from a device. This vulnerability was discovered and disclosed in March 2022 (NVD, MITRE).

The vulnerability stems from improper validation of frame lengths in the sr9700 USB networking driver. A malicious device can provide bogus frame lengths to leak heap data to user space. The issue was fixed by introducing a sanity check that validates both the frame length against ETHFRAMELEN and the actual skb length (Kernel Commit). The vulnerability has been assigned a CVSS v3.1 Base Score of 5.5 (Medium) with vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N (NVD).

When successfully exploited, this vulnerability could lead to the disclosure of sensitive information from kernel heap memory. The impact is limited to information disclosure without the ability to modify data or cause a denial of service (NetApp Advisory).

The vulnerability has been fixed in Linux kernel version 5.16.12 and later. Users should update their systems to a patched version of the kernel. Various Linux distributions have also backported the fix to their supported kernel versions. For example, Debian 9 (Stretch) addressed this in version 4.9.320-2 (Debian Advisory).