CVE-2022-32981

Exploit

EPSS 0.61%
Published 10.06.2022 20:15:08
Last modified 21.11.2024 07:07:21
Source cve@mitre.org
CVE-Watchlists
Login
Open
Login

An issue was discovered in the Linux kernel through 5.18.3 on powerpc 32-bit platforms. There is a buffer overflow in ptrace PEEKUSER and POKEUSER (aka PEEKUSR and POKEUSR) when accessing floating point registers.

Affected products Warnungen 0 Metrics 3 CWE 1 References 5

Data is provided by the National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version <= 5.18.3

Linux ≫ Linux Kernel Version5.19 Updaterc1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.61%	0.687

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P

CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

http://www.openwall.com/lists/oss-security/2022/06/14/3

Patch

Third Party Advisory

Exploit

Mailing List

https://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux.git/commit/?id=8e1278444446fc97778a5e5c99bca1ce0bbc5ec9

Patch

Vendor Advisory

Mailing List

https://nvd.nist.gov/vuln/detail/CVE-2022-32981

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-32981

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-32981

EUVD