CVE Vulnerability

CVE-2022-41850

roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report->value is in progress.

4.7 /10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 1 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://lore.kernel.org/all/20220904193115.GA28134@ubuntu/t/#u Mailing List Patch
https://lists.debian.org/debian-lts-announce/2022/12/msg00031.html Mailing List Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/12/msg00034.html Mailing List Third Party Advisory
Configurations

Configuration 1

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
Information

Published : 2022-09-30 06:15

Updated : 2023-02-23 03:42

NVD link : CVE-2022-41850

Mitre link : CVE-2022-41850

Products Affected
No products.
CWE
CWE-362

CWE-416