CVE-2022-36280

Updated: 2023-11-04 20:22:37.062103

Description:

An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0
CVSS Version 3.x MEDIUM 5.5

Status

OS name Project name Version Score Severity Status Errata Last updated
CentOS 7 ELS kernel 3.10.0 5.5 MEDIUM Ignored 2023-09-19 05:07:36
CentOS 8.4 ELS kernel 4.18.0 5.5 MEDIUM Ignored 2022-09-19 05:02:28
CentOS 8.5 ELS kernel 4.18.0 5.5 MEDIUM Ignored 2022-09-19 05:02:28
Ubuntu 16.04 ELS linux 4.4.0 5.5 MEDIUM Released CLSA-2023:1682604577 2023-04-27 11:09:58
Ubuntu 16.04 ELS linux-hwe 4.15.0 5.5 MEDIUM Released 2023-04-27 14:05:09
Ubuntu 18.04 ELS linux 4.15.0 5.5 MEDIUM Already Fixed 2023-06-02 09:10:21