Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatcveRedhat.comRH:CVE-2022-39842
HistorySep 07, 2022 - 3:49 p.m.

CVE-2022-39842

2022-09-0715:49:15
redhat.com
access.redhat.com
28
linux kernel
pxa3xx_gcu_write
issue
cve-2022-39842
drivers/video/fbdev/pxa3xx-gcu.c
integer overflow
size check
heap overflow
copy_from_user()

CVSS3

6.1

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

AI Score

6.4

Confidence

High

EPSS

0.001

Percentile

19.0%

JSON

An issue was discovered in the Linux kernel before 5.19. In pxa3xx_gcu_write in drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict of size_t versus int, causing an integer overflow and bypassing the size check. After that, because it is used as the third argument to copy_from_user(), a heap overflow may occur. NOTE: the original discoverer disputes that the overflow can actually happen.

Related

ubuntucve 1
cbl_mariner 2
cvelist 1
debiancve 1
osv 19
nessus 30
prion 1
nvd 1
cve 1
amazon 3
openvas 23
ubuntu 15
mageia 2
debian 3
redos 1
slackware 1
ubuntucve
ubuntucve
CVE-2022-39842
2022-09-05 00:00:00
cbl_mariner
cbl_mariner
CVE-2022-39842 affecting package kernel for versions less than 5.15.70.1-1
2022-10-17 22:54:53
CVE-2022-39842 affecting package kernel 5.10.144.1-1
2022-10-13 00:40:31
cvelist
cvelist
CVE-2022-39842
2022-09-05 00:00:00
debiancve
debiancve
CVE-2022-39842
2022-09-05 07:15:08
osv
osv
Linux kernel vulnerability advisory
2023-02-01 00:00:00
linux-azure vulnerabilities
2023-01-09 20:51:27
linux-snapdragon vulnerabilities
2023-02-09 23:00:01
nessus
nessus
CBL Mariner 2.0 Security Update: kernel (CVE-2022-39842)
2023-03-28 00:00:00
Amazon Linux 2 : kernel (ALASKERNEL-5.4-2022-037)
2022-10-25 00:00:00
Ubuntu 18.04 LTS : Linux kernel (Azure) vulnerabilities (USN-5865-1)
2023-02-10 00:00:00
prion
prion
Integer overflow
2022-09-05 07:15:00
nvd
nvd
CVE-2022-39842
2022-09-05 07:15:08
cve
cve
CVE-2022-39842
2022-09-05 07:15:08
amazon
amazon
Important: kernel
2022-10-31 19:40:00
Important: kernel
2022-12-01 17:33:00
Important: kernel
2022-10-31 19:40:00
openvas
openvas
Ubuntu: Security Advisory (USN-5791-3)
2023-01-11 00:00:00
Ubuntu: Security Advisory (USN-5791-1)
2023-01-09 00:00:00
Ubuntu: Security Advisory (USN-5791-2)
2023-01-10 00:00:00
ubuntu
ubuntu
Linux kernel (Azure) vulnerabilities
2023-01-10 00:00:00
Linux kernel (Qualcomm Snapdragon) vulnerabilities
2023-02-09 00:00:00
Linux kernel vulnerabilities
2023-02-09 00:00:00
mageia
mageia
Updated kernel packages fix security vulnerabilities
2022-10-23 23:35:49
Updated kernel-linus packages fix security vulnerabilities
2022-10-23 23:35:49
debian
debian
[SECURITY] [DSA 5257-1] linux security update
2022-10-18 21:06:43
[SECURITY] [DLA 3131-1] linux security update
2022-10-02 16:44:48
[SECURITY] [DLA 3173-1] linux-5.10 security update
2022-11-01 20:57:30
redos
redos
ROS-20221220-01
2022-12-20 00:00:00
slackware
slackware
[slackware-security] Slackware 15.0 kernel
2022-11-29 21:04:28

CVSS3

6.1

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

AI Score

6.4

Confidence

High

EPSS

0.001

Percentile

19.0%

JSON
Related for RH:CVE-2022-39842
ubuntucve1cbl_mariner2cvelist1debiancve1osv19nessus30prion1nvd1cve1amazon3openvas23ubuntu15mageia2debian3redos1slackware1