CVE-2022-36280
Severity
5.5MEDIUM
EPSS
0.0%
top 84.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedSep 9
Latest updateMay 22
Description
An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:HExploitability: 2.1 | Impact: 4.2
Affected Packages4 packages
Also affects: Debian Linux 11.0
🔴Vulnerability Details
11OSV▶
linux, linux-aws, linux-azure, linux-azure-5.19, linux-kvm, linux-lowlatency, linux-raspi vulnerabilities↗2023-05-16