CVE
CVE-2022-3170
An out-of-bounds access issue was found in the Linux kernel sound subsystem. It could occur when the 'id->name' provided by the user did not end with '\0'.
An out-of-bounds access issue was found in the Linux kernel sound subsystem. It could occur when the 'id->name' provided by the user did not end with '\0'. A privileged local user could pass a specially crafted name through ioctl() interface and crash the system or potentially escalate their privileges on the system.
Package Versions Affected
Package Version
patch Availability
No items found.
Automatically patch vulnerabilities without upgrading
Fix Without Upgrading
Detect compatible fix
Apply safe remediation
Fix with a single pull request
CVSS Version
Severity
Base Score
CVSS Version
Score Vector
C
H
U
7.8
-
3.1
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
C
H
U
0
-
3.1
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
C
H
U
-
Related Resources
No items found.
References
https://github.com/torvalds/linux/commit/5934d9a0383619c14df91af8fd76261dc3de2f5f, https://github.com/torvalds/linux/commit/6ab55ec0a938c7f943a4edba3d6514f775983887, https://github.com/torvalds/linux/commit/5934d9a0383619c14df91af8fd76261dc3de2f5f, https://github.com/torvalds/linux/commit/6ab55ec0a938c7f943a4edba3d6514f775983887
Basic Information
Ecosystem
