5.5
CVE-2022-3108
- EPSS 0.21%
- Veröffentlicht 14.12.2022 21:15:12
- Zuletzt bearbeitet 22.04.2025 15:15:59
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
An issue was discovered in the Linux kernel through 5.16-rc6. kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c lacks check of the return value of kmemdup().
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version < 5.16.0
Linux ≫ Linux Kernel Version5.16.0 Update-
Linux ≫ Linux Kernel Version5.16.0 Updaterc1
Linux ≫ Linux Kernel Version5.16.0 Updaterc2
Linux ≫ Linux Kernel Version5.16.0 Updaterc3
Linux ≫ Linux Kernel Version5.16.0 Updaterc4
Linux ≫ Linux Kernel Version5.16.0 Updaterc5
Linux ≫ Linux Kernel Version5.16.0 Updaterc6
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.21% | 0.115 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-252 Unchecked Return Value
The product does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions.
https://bugzilla.redhat.com/show_bug.cgi?id=2153052
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2&id=abfaf0eee97925905e742aa3b0b72e04a918fa9e