CVE-2022-36402

Updated: 2023-11-04 20:36:43.438764

Description:

An integer overflow vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0
CVSS Version 3.x MEDIUM 5.5

Status

OS name Project name Version Score Severity Status Errata Last updated
AlmaLinux 9.2 ESU kernel 5.14.0 5.5 MEDIUM Ignored 2023-11-08 04:07:32
AlmaLinux 9.2 FIPS kernel 5.14.0 5.5 MEDIUM Ignored 2023-11-21 04:12:09
CentOS 6 ELS kernel 2.6.32 5.5 MEDIUM Ignored 2023-10-27 11:06:59
CentOS 7 ELS kernel 3.10.0 5.5 MEDIUM Ignored 2023-10-27 11:06:59
CentOS 8.4 ELS kernel 4.18.0 5.5 MEDIUM Ignored 2022-11-30 13:02:58
CentOS 8.5 ELS kernel 4.18.0 5.5 MEDIUM Ignored 2022-11-30 13:02:58
CloudLinux 6 ELS kernel 2.6.32 5.5 MEDIUM Ignored 2023-10-27 11:06:59
Oracle Linux 6 ELS kernel 2.6.32 5.5 MEDIUM Ignored 2023-10-27 11:06:59
Ubuntu 16.04 ELS linux-hwe 4.15.0 5.5 MEDIUM Released CLSA-2024:1706624217 2024-01-30 10:13:08
Ubuntu 16.04 ELS linux 4.4.0 5.5 MEDIUM Released CLSA-2024:1706545934 2024-01-29 13:14:43
Total: 11