Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2022-4964HistoryJan 24, 2024 - 1:15 a.m.
CVE-2022-4964
2024-01-2401:15:07
Debian Security Bug Tracker
security-tracker.debian.org
6
cve-2022-4964
ubuntu
pipewire-pulse
snap
microphone access
audio-record
unix
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
AI Score
7
Confidence
High
EPSS
0
Percentile
15.5%
Ubuntu’s pipewire-pulse in snap grants microphone access even when the snap interface for audio-record is not set.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | pipewire | <= 0.3.65-3+deb12u1 | pipewire_0.3.65-3+deb12u1_all.deb |
| Debian | 11 | all | pipewire | <= 0.3.19-4 | pipewire_0.3.19-4_all.deb |
| Debian | 999 | all | pipewire | < 1.0.2-1 | pipewire_1.0.2-1_all.deb |
| Debian | 13 | all | pipewire | < 1.0.2-1 | pipewire_1.0.2-1_all.deb |
Related
cve
cve
CVE-2022-4964
2024-01-24 01:15:07
nvd
nvd
CVE-2022-4964
2024-01-24 01:15:07
prion
prion
Authentication flaw
2024-01-24 01:15:00
cvelist
cvelist
CVE-2022-4964
2024-01-24 00:58:14
veracode
veracode
Incorrect Default Permissions
2024-02-04 12:25:18
osv
osv
CVE-2022-4964
2024-01-24 01:15:07
redhatcve
redhatcve
CVE-2022-4964
2024-01-25 18:11:11
ubuntucve
ubuntucve
CVE-2022-4964
2024-01-23 00:00:00
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
AI Score
7
Confidence
High
EPSS
0
Percentile
15.5%
Related for DEBIANCVE:CVE-2022-4964