Lucene search

K
nvd[email protected]NVD:CVE-2022-22942
HistoryDec 13, 2023 - 9:15 a.m.

CVE-2022-22942

2023-12-1309:15:33
CWE-416
web.nvd.nist.gov
2
cve-2022-22942
local privilege escalation
unprivileged users
system files
file pointer vulnerability

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

31.3%

The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by other processes on the system through a dangling β€˜file’ pointer.

Affected configurations

NVD
Node
vmwarephoton_osMatch3.0-
OR
vmwarephoton_osMatch4.0-

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

31.3%