Lucene search
TalosCVE-2022-43588HistoryNov 28, 2022 - 11:15 a.m.
CVE-2022-43588
2022-11-2811:15:10
CWE-476
talos
web.nvd.nist.gov
32
cve-2022-43588
null pointer dereference
cbfs filter
callback technologies
denial of service
irp
ioctl
vulnerability
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS
0
Percentile
12.8%
A null pointer dereference vulnerability exists in the handle_ioctl_83150 functionality of Callback technologies CBFS Filter 20.0.8317. A specially crafted I/O request packet (IRP) can lead to denial of service. An attacker can issue an ioctl to trigger this vulnerability.
Affected configurations
Node
callbackcbfs_filterMatch20.0.8317
| Vendor | Product | Version | CPE |
|---|---|---|---|
| callback | cbfs_filter | 20.0.8317 | cpe:2.3:a:callback:cbfs_filter:20.0.8317:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "Callback technologies",
"product": "CBFS Filter",
"versions": [
{
"version": "20.0.8317",
"status": "affected"
}
]
}
]Related
cvelist
cvelist
CVE-2022-43588
2022-11-28 10:20:13
prion
prion
Null pointer dereference
2022-11-28 11:15:00
talos
talos
nvd
nvd
CVE-2022-43588
2022-11-28 11:15:10
talosblog
talosblog
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS
0
Percentile
12.8%
Related for CVE-2022-43588