CVE-2022-23086

EPSS 0.24%
Veröffentlicht 15.02.2024 05:15:09
Zuletzt bearbeitet 09.12.2024 23:24:03
Quelle secteam@freebsd.org
Teams Watchlist Login
Unerledigt Login

Handlers for *_CFG_PAGE read / write ioctls in the mpr, mps, and mpt drivers allocated a buffer of a caller-specified size, but copied to it a fixed size header.  Other heap content would be overwritten if the specified size was too small.

Users with access to the mpr, mps or mpt device node may overwrite heap data, potentially resulting in privilege escalation.  Note that the device node is only accessible to root and members of the operator group.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 2 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Freebsd ≫ Freebsd Version >= 12.0 < 12.3

Freebsd ≫ Freebsd Version12.3 Update-

Freebsd ≫ Freebsd Version12.3 Updatep1

Freebsd ≫ Freebsd Version12.3 Updatep2

Freebsd ≫ Freebsd Version12.3 Updatep3

Freebsd ≫ Freebsd Version12.3 Updatep4

Freebsd ≫ Freebsd Version13.0 Update-

Freebsd ≫ Freebsd Version13.0 Updatebeta1

Freebsd ≫ Freebsd Version13.0 Updatebeta2

Freebsd ≫ Freebsd Version13.0 Updatebeta3

Freebsd ≫ Freebsd Version13.0 Updatebeta3-p1

Freebsd ≫ Freebsd Version13.0 Updatebeta4

Freebsd ≫ Freebsd Version13.0 Updatep1

Freebsd ≫ Freebsd Version13.0 Updatep10

Freebsd ≫ Freebsd Version13.0 Updatep2

Freebsd ≫ Freebsd Version13.0 Updatep3

Freebsd ≫ Freebsd Version13.0 Updatep4

Freebsd ≫ Freebsd Version13.0 Updatep5

Freebsd ≫ Freebsd Version13.0 Updatep6

Freebsd ≫ Freebsd Version13.0 Updatep7

Freebsd ≫ Freebsd Version13.0 Updatep8

Freebsd ≫ Freebsd Version13.0 Updatep9

Freebsd ≫ Freebsd Version13.0 Updaterc1

Freebsd ≫ Freebsd Version13.0 Updaterc2

Freebsd ≫ Freebsd Version13.0 Updaterc3

Freebsd ≫ Freebsd Version13.0 Updaterc4

Freebsd ≫ Freebsd Version13.0 Updaterc5

Freebsd ≫ Freebsd Version13.0 Updaterc5-p1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.24%	0.476

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-122 Heap-based Buffer Overflow

A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://security.freebsd.org/advisories/FreeBSD-SA-22:06.ioctl.asc

Vendor Advisory

https://security.netapp.com/advisory/ntap-20240419-0002/

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-23086

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-23086

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-23086

EUVD