CVE-2022-2639
CVSS v3.1
7.8 (High)
EPSS
0.04 % (5th)
Affected Products
2
Advisories
28
An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system.
- CVE Status
- PUBLISHED
- CNA
- Red Hat, Inc.
- Published Date
-
2022-09-01 21:15:09
(2 years ago) - Updated Date
-
2024-02-02 02:36:25
(7 months ago)
Affected Products
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...