CVE-2022-42464 Kernel memory pool override in /dev/mmz_userdev device driver. The impact depends on the privileges of the attacker. The unprivileged process run on the device could disclose sensitive information including kernel pointer, which could be used in furth ...

🗓️ 14 Oct 2022 14:40:12Reported by OpenHarmonyType

Kernel memory pool override in /dev/mmz_userdev device driver vulnerabilit

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2022-42464	14 Oct 202218:29	–	circl
CNNVD	OpenHarmony 安全漏洞	14 Oct 202200:00	–	cnnvd
CVE	CVE-2022-42464	14 Oct 202214:40	–	cve
EUVD	EUVD-2022-45537	3 Oct 202520:07	–	euvd
NVD	CVE-2022-42464	14 Oct 202215:16	–	nvd
OSV	CVE-2022-42464	14 Oct 202215:16	–	osv
Prion	Design/Logic Flaw	14 Oct 202215:16	–	prion
Positive Technologies	PT-2022-26447 · Unknown · Openharmony	14 Oct 202200:00	–	ptsecurity
Vulnrichment	CVE-2022-42464 Kernel memory pool override in /dev/mmz_userdev device driver. The impact depends on the privileges of the attacker. The unprivileged process run on the device could disclose sensitive information including kernel pointer, which could be used in furth ...	14 Oct 202214:40	–	vulnrichment

[
  {
    "vendor": "OpenHarmony",
    "product": "OpenHarmony",
    "versions": [
      {
        "version": "OpenHarmony-v3.1.x-Release",
        "status": "affected",
        "lessThanOrEqual": "3.1.2",
        "versionType": "custom"
      },
      {
        "version": "OpenHarmony-v3.0.x-LTS",
        "status": "affected",
        "lessThanOrEqual": "3.0.6",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
gitee	www.gitee.com/openharmony/security/blob/master/en/security-disclosure/2022/2022-10.md

14 Oct 2022 00:00Current

7.9High risk

Vulners AI Score7.9

CVSS 3.16.7

EPSS0.00185

CWE-276