CVE-2022-38690

EPSS 0.04%
Veröffentlicht 14.10.2022 19:15:13
Zuletzt bearbeitet 15.05.2025 15:15:58
Quelle security@unisoc.com
CVE-Watchlists
Login
Unerledigt
Login

In camera driver, there is a possible memory corruption due to improper locking. This could lead to local denial of service in kernel.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 2 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Google ≫ Android Version10.0

   Unisoc ≫ S8000 Version-
   Unisoc ≫ Sc7731e Version-
   Unisoc ≫ Sc9832e Version-
   Unisoc ≫ Sc9863a Version-
   Unisoc ≫ T310 Version-
   Unisoc ≫ T606 Version-
   Unisoc ≫ T610 Version-
   Unisoc ≫ T612 Version-
   Unisoc ≫ T616 Version-
   Unisoc ≫ T618 Version-
   Unisoc ≫ T760 Version-
   Unisoc ≫ T770 Version-
   Unisoc ≫ T820 Version-

Google ≫ Android Version11.0

Google ≫ Android Version12.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.114

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

CWE-667 Improper Locking

The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.

https://www.unisoc.com/en_us/secy/announcementDetail/1575654905820020738

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-38690

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-38690

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-38690

EUVD