Lucene search

[email protected]NVD:CVE-2022-20235

HistoryJan 26, 2023 - 9:15 p.m.

CVE-2022-20235

2023-01-2621:15:26

CWE-787

[email protected]

web.nvd.nist.gov

powervr gpu

kernel driver

cache subsystem

memory corruption

android soc

android id

vulnerability

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

AI Score

5.6

Confidence

High

EPSS

Percentile

9.0%

JSON

The PowerVR GPU kernel driver maintains an “Information Page” used by its cache subsystem. This page can only be written by the GPU driver itself, but prior to DDK 1.18 however, a user-space program could write arbitrary data to the page, leading to memory corruption issues.Product: AndroidVersions: Android SoCAndroid ID: A-259967780

Affected configurations

NVD

Node

googleandroidMatch-

References

source.android.com/security/bulletin/2023-01-01

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

AI Score

5.6

Confidence

High

EPSS

Percentile

9.0%

JSON

Related for NVD:CVE-2022-20235

prion1 cve1 cvelist1