CVE-2022-2991
CVSS v3.1
6.7 (Medium)
EPSS
0.05 % (20th)
Affected Products
1
Advisories
14
A heap-based buffer overflow was found in the Linux kernel's LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. This vulnerability allows a local attacker to escalate privileges and execute arbitrary code in the context of the kernel. The attacker must first obtain the ability to execute high-privileged code on the target system to exploit this vulnerability.
- CVE Status
- PUBLISHED
- CNA
- Red Hat, Inc.
- Published Date
-
2022-08-25 18:15:10
(2 years ago) - Updated Date
-
2022-08-30 20:31:58
(2 years ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...