Wind River Support Network

HomeDefectsLIN1023-589
Fixed

LIN1023-589 : Security Advisory - linux - CVE-2022-36280

Created: May 16, 2023    Updated: Dec 19, 2023
Resolved Date: May 17, 2023
Found In Version: 10.23.30.1
Fix Version: 10.23.30.1
Severity: Standard
Applicable for: Wind River Linux LTS 23
Component/s: Kernel

Description

An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).

CREATE(Triage):(User=admin) CVE-2022-36280 (https://nvd.nist.gov/vuln/detail/CVE-2022-36280)

CVEs


Live chat
Online