Lucene search

[email protected]CVE-2022-40279

HistorySep 29, 2022 - 3:15 a.m.

CVE-2022-40279

2022-09-2903:15:15

CWE-252

[email protected]

web.nvd.nist.gov

samsung

tizenrt

cve-2022-40279

denial of service

nvd

vulnerability

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.003 Low

EPSS

Percentile

68.0%

JSON

An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). l2_packet_receive_timeout in wpa_supplicant/src/l2_packet/l2_packet_pcap.c has a missing check on the return value of pcap_dispatch, leading to a denial of service (malfunction).

Affected configurations

NVD

Node

samsungtizenrtMatch1.0m1

samsungtizenrtMatch1.1

samsungtizenrtMatch2.0gbm_m1

samsungtizenrtMatch2.0m2

samsungtizenrtMatch3.0gbm

samsungtizenrtMatch3.1pre

CPENameOperatorVersion
samsung:tizenrtsamsung tizenrteq1.0
samsung:tizenrtsamsung tizenrteq1.1
samsung:tizenrtsamsung tizenrteq2.0
samsung:tizenrtsamsung tizenrteq3.0
samsung:tizenrtsamsung tizenrteq3.1

CPE	Name	Operator	Version
samsung:tizenrt	samsung tizenrt	eq	1.0
samsung:tizenrt	samsung tizenrt	eq	1.1
samsung:tizenrt	samsung tizenrt	eq	2.0
samsung:tizenrt	samsung tizenrt	eq	3.0
samsung:tizenrt	samsung tizenrt	eq	3.1

References

github.com/Samsung/TizenRT/blob/f8f776dd183246ad8890422c1ee5e8f33ab2aaaf/external/wpa_supplicant/src/l2_packet/l2_packet_pcap.c#L181

github.com/Samsung/TizenRT/issues/5629

linux.die.net/man/3/pcap_dispatch

Social References

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.003 Low

EPSS

Percentile

68.0%

JSON

Related for CVE-2022-40279

prion1 cvelist1 nvd1