CVE-2022-23085

EPSS 0.18%
Veröffentlicht 15.02.2024 05:15:09
Zuletzt bearbeitet 09.12.2024 17:27:22
Quelle secteam@freebsd.org
Teams Watchlist Login
Unerledigt Login

A user-provided integer option was passed to nmreq_copyin() without checking if it would overflow.  This insufficient bounds checking could lead to kernel memory corruption.

On systems configured to include netmap in their devfs_ruleset, a privileged process running in a jail can affect the host environment.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 2 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Freebsd ≫ Freebsd Version >= 12.0 < 12.3

Freebsd ≫ Freebsd Version12.3 Update-

Freebsd ≫ Freebsd Version12.3 Updatep1

Freebsd ≫ Freebsd Version12.3 Updatep2

Freebsd ≫ Freebsd Version12.3 Updatep3

Freebsd ≫ Freebsd Version12.3 Updatep4

Freebsd ≫ Freebsd Version13.0 Update-

Freebsd ≫ Freebsd Version13.0 Updatebeta1

Freebsd ≫ Freebsd Version13.0 Updatebeta2

Freebsd ≫ Freebsd Version13.0 Updatebeta3

Freebsd ≫ Freebsd Version13.0 Updatebeta3-p1

Freebsd ≫ Freebsd Version13.0 Updatebeta4

Freebsd ≫ Freebsd Version13.0 Updatep1

Freebsd ≫ Freebsd Version13.0 Updatep10

Freebsd ≫ Freebsd Version13.0 Updatep2

Freebsd ≫ Freebsd Version13.0 Updatep3

Freebsd ≫ Freebsd Version13.0 Updatep4

Freebsd ≫ Freebsd Version13.0 Updatep5

Freebsd ≫ Freebsd Version13.0 Updatep6

Freebsd ≫ Freebsd Version13.0 Updatep7

Freebsd ≫ Freebsd Version13.0 Updatep8

Freebsd ≫ Freebsd Version13.0 Updatep9

Freebsd ≫ Freebsd Version13.0 Updaterc1

Freebsd ≫ Freebsd Version13.0 Updaterc2

Freebsd ≫ Freebsd Version13.0 Updaterc3

Freebsd ≫ Freebsd Version13.0 Updaterc4

Freebsd ≫ Freebsd Version13.0 Updaterc5

Freebsd ≫ Freebsd Version13.0 Updaterc5-p1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.18%	0.396

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	8.2	1.5	6	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://security.freebsd.org/advisories/FreeBSD-SA-22:04.netmap.asc

Vendor Advisory

https://security.netapp.com/advisory/ntap-20240322-0004/

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-23085

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-23085

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-23085

EUVD