CVE-2022-29021

Опубликовано: 20 мая 2022

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

A buffer overflow vulnerability exists in the razerkbd driver of OpenRazer up to version v3.3.0 allows attackers to cause a Denial of Service (DoS) and possibly escalate their privileges via a crafted buffer sent to the matrix_custom_frame device.

Ссылки

https://github.com/openrazer/openrazer/pull/1790
Exploit
Third Party Advisory
https://www.cyberark.com/resources/threat-research-blog/colorful-vulnerabilities
Exploit
Third Party Advisory
https://github.com/openrazer/openrazer/pull/1790
Exploit
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2025/04/msg00032.html
https://www.cyberark.com/resources/threat-research-blog/colorful-vulnerabilities
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:openrazer_project:openrazer:*:*:*:*:*:*:*:*

Версия до 3.3.0 (включая)

EPSS

Процентиль: 49%

0.00257

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-120

Связанные уязвимости

CVE-2022-29021

CVSS3: 9.8

ubuntu

больше 3 лет назад

CVE-2022-29021

CVSS3: 9.8

debian

больше 3 лет назад

A buffer overflow vulnerability exists in the razerkbd driver of OpenR ...

GHSA-xm8g-mhgj-5vhv

CVSS3: 7.5

github

больше 3 лет назад

A buffer overflow in the razerkbd driver of OpenRazer v3.3.0 and below allows attackers to cause a Denial of Service (DoS) via a crafted buffer sent to the matrix_custom_frame device.

EPSS

Процентиль: 49%

0.00257

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-120