CVE-2022-1257
published 2022-04-14CVE-2022-1257: Insecure storage of sensitive information vulnerability in MA for Linux, macOS, and Windows prior to 5.7.6 allows a local user to gain access to sensitive…
PriorityP429medium5.5CVSS 3.1
AVLACLPRLUINSUCHINAN
EXPLOIT
EPSS
0.62%
45.3th percentile
Insecure storage of sensitive information vulnerability in MA for Linux, macOS, and Windows prior to 5.7.6 allows a local user to gain access to sensitive information through storage in ma.db. The sensitive information has been moved to encrypted database files.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mcafee | agent | < 5.7.6 | 5.7.6 |
| mcafee_llc | mcafee_agent | >= unspecified < 5.7.6 | 5.7.6 |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvdv2.02.1LOWAV:L/AC:L/Au:N/C:P/I:N/A:N
vendor_redhat5.5MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-r8gg-2fv9-xjwj: Insecure storage of sensitive information vulnerability in MA for Linux, macOS, and Windows prior to 5
ghsa_unreviewed·2022-04-15
CVE-2022-1257 [MEDIUM] CWE-922 GHSA-r8gg-2fv9-xjwj: Insecure storage of sensitive information vulnerability in MA for Linux, macOS, and Windows prior to 5
Insecure storage of sensitive information vulnerability in MA for Linux, macOS, and Windows prior to 5.7.6 allows a local user to gain access to sensitive information through storage in ma.db. The sensitive information has been moved to encrypted database files.
Red Hat
kernel: Bluetooth: L2CAP: Fix memory leak in vhci_write
vendor_redhat·2025-05-01·CVSS 5.5
CVE-2022-49908 [MEDIUM] CWE-401 kernel: Bluetooth: L2CAP: Fix memory leak in vhci_write
kernel: Bluetooth: L2CAP: Fix memory leak in vhci_write
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: L2CAP: Fix memory leak in vhci_write
Syzkaller reports a memory leak as follows:
BUG: memory leak
unreferenced object 0xffff88810d81ac00 (size 240):
[...]
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace:
[] __alloc_skb+0x1f9/0x270 net/core/skbuff.c:418
[] alloc_skb include/linux/skbuff.h:1257 [inline]
[] bt_skb_alloc include/net/bluetooth/bluetooth.h:469 [inline]
[] vhci_get_user drivers/bluetooth/hci_vhci.c:391 [inline]
[] vhci_write+0x5f/0x230 drivers/bluetooth/hci_vhci.c:511
[] call_write_iter include/linux/fs.h:2192 [inline]
[] new_syn
No detection rules found.
2022-04-14
Published