CVE-2022-41850

Published: 30 Sep 2022
Source: redhat
CVSS3: 4.7
EPSS: Low

Description

roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report->value is in progress.

A race issue was found in roccat_report_event in drivers/hid/hid-roccat.c in the Human Interface Devices (HID) sub-component in the Linux kernel. This flaw allows a local attacker with a standard user privilege to cause a denial of service.

Mitigation

This flaw can be mitigated by preventing the affected USB Roccat kernel module from loading at boot time. Ensure the module is added to the blacklist file.

See: How do I blacklist a kernel module to prevent it from loading automatically? https://access.redhat.com/solutions/41278

Affected packages

| Platform | Package | State | Recommendation | Release |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | kernel | Not affected | | |
| Red Hat Enterprise Linux 7 | kernel | Out of support scope | | |
| Red Hat Enterprise Linux 7 | kernel-rt | Out of support scope | | |
| Red Hat Enterprise Linux 8 | kernel | Fix deferred | | |
| Red Hat Enterprise Linux 8 | kernel-rt | Fix deferred | | |
| Red Hat Enterprise Linux 9 | kernel | Not affected | | |
| Red Hat Enterprise Linux 9 | kernel-rt | Not affected | | |

Additional information

Status: Low
Defect: CWE-362->CWE-416
https://bugzilla.redhat.com/show_bug.cgi?id=2131378 kernel: Race condition in roccat_report_event in drivers/hid/hid-roccat.c

EPSS: 0.00036 (percentile: 9%, Low)

CVSS3: 4.7 Medium

Related vulnerabilities

CVSS3: 4.7
ubuntu
more than 2 years ago

roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report->value is in progress.

CVSS3: 4.7
nvd
more than 2 years ago

roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report->value is in progress.

CVSS3: 4.7
msrc
more than 2 years ago

No description available

CVSS3: 4.7
debian
more than 2 years ago

roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel th ...

CVSS3: 4.7
github
more than 2 years ago

roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report->value is in progress.
