Lucene search
TalosCVE-2022-43589HistoryNov 28, 2022 - 11:15 a.m.
CVE-2022-43589
2022-11-2811:15:10
CWE-476
talos
web.nvd.nist.gov
28
cve-2022-43589
callback technologies
cbfs filter
null pointer dereference
denial of service
irp
ioctl
vulnerability
nvd
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS
0
Percentile
12.8%
A null pointer dereference vulnerability exists in the handle_ioctl_8314C functionality of Callback technologies CBFS Filter 20.0.8317. A specially crafted I/O request packet (IRP) can lead to denial of service. An attacker can issue an ioctl to trigger this vulnerability.
Affected configurations
Node
callbackcbfs_filterMatch20.0.8317
| Vendor | Product | Version | CPE |
|---|---|---|---|
| callback | cbfs_filter | 20.0.8317 | cpe:2.3:a:callback:cbfs_filter:20.0.8317:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "Callback technologies",
"product": "CBFS Filter",
"versions": [
{
"version": "20.0.8317",
"status": "affected"
}
]
}
]Related
nvd
nvd
CVE-2022-43589
2022-11-28 11:15:10
talos
talos
prion
prion
Null pointer dereference
2022-11-28 11:15:00
cvelist
cvelist
CVE-2022-43589
2022-11-28 10:20:14
talosblog
talosblog
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS
0
Percentile
12.8%
Related for CVE-2022-43589