CVE-2022-20162

2022-06-1500:00:00

ubuntu.com

0.0004 Low

EPSS

Percentile

5.1%

JSON

In asn1_p256_int of crypto/asn1.c, there is a possible out of bounds read
due to an incorrect bounds check. This could lead to local information
disclosure with System execution privileges needed. User interaction is not
needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:
A-223492713References: N/A

OSVersionArchitecturePackageVersionFilename
ubuntu20.04noarchrunc< anyUNKNOWN
ubuntu22.04noarchrunc< anyUNKNOWN
ubuntuupstreamnoarchrunc< anyUNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	20.04	noarch	runc	< any	UNKNOWN
ubuntu	22.04	noarch	runc	< any	UNKNOWN
ubuntu	upstream	noarch	runc	< any	UNKNOWN

References

access.redhat.com/security/cve/CVE-2022-20162

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20162

launchpad.net/bugs/cve/CVE-2022-20162

nvd.nist.gov/vuln/detail/CVE-2022-20162

security-tracker.debian.org/tracker/CVE-2022-20162

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for UB:CVE-2022-20162