7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.7 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
10.6%
Software: libinput 1.16.3
OS: ROSA Virtualization 2.1
package_evr_string: libinput-1.16.3-3.rv3.src.rpm
CVE-ID: CVE-2022-1215
BDU-ID: 2022-02695
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the evdev_log_msg function of the libinput library’s libinput implementation of the X.Org and Wayland display server protocols is related to the use of uncontrolled format strings. Exploitation of the vulnerability could allow an attacker to execute arbitrary code with elevated privileges
CVE-STATUS: Fixed
CVE-REV: To close, run the yum update libinput command
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.7 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
10.6%