CVE-2022-23085

EPSS 0.18%
Published 15.02.2024 05:15:09
Last modified 09.12.2024 17:27:22
Source secteam@freebsd.org
Teams watchlist Login
Open Login

A user-provided integer option was passed to nmreq_copyin() without checking if it would overflow.  This insufficient bounds checking could lead to kernel memory corruption.

On systems configured to include netmap in their devfs_ruleset, a privileged process running in a jail can affect the host environment.

Affected products Warnungen 0 Metrics 3 CWE 2 References 5

Data is provided by the National Vulnerability Database (NVD)

Freebsd ≫ Freebsd Version >= 12.0 < 12.3

Freebsd ≫ Freebsd Version12.3 Update-

Freebsd ≫ Freebsd Version12.3 Updatep1

Freebsd ≫ Freebsd Version12.3 Updatep2

Freebsd ≫ Freebsd Version12.3 Updatep3

Freebsd ≫ Freebsd Version12.3 Updatep4

Freebsd ≫ Freebsd Version13.0 Update-

Freebsd ≫ Freebsd Version13.0 Updatebeta1

Freebsd ≫ Freebsd Version13.0 Updatebeta2

Freebsd ≫ Freebsd Version13.0 Updatebeta3

Freebsd ≫ Freebsd Version13.0 Updatebeta3-p1

Freebsd ≫ Freebsd Version13.0 Updatebeta4

Freebsd ≫ Freebsd Version13.0 Updatep1

Freebsd ≫ Freebsd Version13.0 Updatep10

Freebsd ≫ Freebsd Version13.0 Updatep2

Freebsd ≫ Freebsd Version13.0 Updatep3

Freebsd ≫ Freebsd Version13.0 Updatep4

Freebsd ≫ Freebsd Version13.0 Updatep5

Freebsd ≫ Freebsd Version13.0 Updatep6

Freebsd ≫ Freebsd Version13.0 Updatep7

Freebsd ≫ Freebsd Version13.0 Updatep8

Freebsd ≫ Freebsd Version13.0 Updatep9

Freebsd ≫ Freebsd Version13.0 Updaterc1

Freebsd ≫ Freebsd Version13.0 Updaterc2

Freebsd ≫ Freebsd Version13.0 Updaterc3

Freebsd ≫ Freebsd Version13.0 Updaterc4

Freebsd ≫ Freebsd Version13.0 Updaterc5

Freebsd ≫ Freebsd Version13.0 Updaterc5-p1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.18%	0.396

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8.2	1.5	6	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://security.freebsd.org/advisories/FreeBSD-SA-22:04.netmap.asc

Vendor Advisory

https://security.netapp.com/advisory/ntap-20240322-0004/

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-23085

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-23085

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-23085

EUVD