exploitDog

CVE-2022-3239

Опубликовано: 19 сент. 2022

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

A flaw use after free in the Linux kernel video4linux driver was found in the way user triggers em28xx_usb_probe() for the Empia 28xx based TV cards. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.

Ссылки

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c08eadca1bdfa099e20a32f8fa4b52b2f672236d
Mailing List
Patch
Vendor Advisory
https://security.netapp.com/advisory/ntap-20230214-0006/
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c08eadca1bdfa099e20a32f8fa4b52b2f672236d
Mailing List
Patch
Vendor Advisory
https://security.netapp.com/advisory/ntap-20230214-0006/

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 3.15 (включая) до 4.14.295 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 4.15 (включая) до 4.19.238 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 4.20 (включая) до 5.4.189 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 5.5 (включая) до 5.10.110 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 5.11 (включая) до 5.15.33 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 5.16 (включая) до 5.16.19 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 5.17 (включая) до 5.17.2 (исключая)

EPSS

Процентиль: 7%

0.00031

Низкий

7.8 High

CVSS3

Дефекты

CWE-416

CWE-416

Связанные уязвимости

CVE-2022-3239

CVSS3: 7.8

ubuntu

почти 3 года назад

A flaw use after free in the Linux kernel video4linux driver was found in the way user triggers em28xx_usb_probe() for the Empia 28xx based TV cards. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.

CVE-2022-3239

CVSS3: 7

redhat

больше 3 лет назад

A flaw use after free in the Linux kernel video4linux driver was found in the way user triggers em28xx_usb_probe() for the Empia 28xx based TV cards. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.

CVE-2022-3239

CVSS3: 7.8

debian

почти 3 года назад

A flaw use after free in the Linux kernel video4linux driver was found ...

GHSA-f4rx-6cwc-qgfm

CVSS3: 7.8

github

почти 3 года назад

A flaw use after free in the Linux kernel video4linux driver was found in the way user triggers em28xx_usb_probe() for the Empia 28xx based TV cards. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.

ELSA-2022-9997

oracle-oval

больше 2 лет назад

ELSA-2022-9997: Unbreakable Enterprise kernel-container security update (IMPORTANT)

EPSS

Процентиль: 7%

0.00031

Низкий

7.8 High

CVSS3

Дефекты

CWE-416

CWE-416