CVE Vulnerability

CVE-2022-40279

An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). l2_packet_receive_timeout in wpa_supplicant/src/l2_packet/l2_packet_pcap.c has a missing check on the return value of pcap_dispatch, leading to a denial of service (malfunction).

7.5 /10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://github.com/Samsung/TizenRT/issues/5629 Issue Tracking Third Party Advisory
https://github.com/Samsung/TizenRT/blob/f8f776dd183246ad8890422c1ee5e8f33ab2aaaf/external/wpa_supplicant/src/l2_packet/l2_packet_pcap.c#L181 Exploit Third Party Advisory
https://linux.die.net/man/3/pcap_dispatch Technical Description Third Party Advisory
Configurations

Configuration 1

cpe:2.3:o:samsung:tizenrt:3.0:gbm:*:*:*:*:*:*
cpe:2.3:o:samsung:tizenrt:1.0:m1:*:*:*:*:*:*
cpe:2.3:o:samsung:tizenrt:1.1:*:*:*:*:*:*:*
cpe:2.3:o:samsung:tizenrt:2.0:gbm_m1:*:*:*:*:*:*
cpe:2.3:o:samsung:tizenrt:2.0:m2:*:*:*:*:*:*
cpe:2.3:o:samsung:tizenrt:3.1:pre:*:*:*:*:*:*
Information

Published : 2022-09-29 03:15

Updated : 2022-09-30 11:00

NVD link : CVE-2022-40279

Mitre link : CVE-2022-40279

Products Affected
No products.
CWE
CWE-252

Unchecked Return Value