Lucene search

K
ubuntucveUbuntu.comUB:CVE-2022-26966
HistoryMar 12, 2022 - 12:00 a.m.

CVE-2022-26966

2022-03-1200:00:00
ubuntu.com
ubuntu.com
36
linux kernel
information leakage
sensitive information
usb device

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

0

Percentile

14.1%

An issue was discovered in the Linux kernel before 5.16.12.
drivers/net/usb/sr9700.c allows attackers to obtain sensitive information
from heap memory via crafted frame lengths from a device.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlinux< 4.15.0-177.186UNKNOWN
ubuntu20.04noarchlinux< 5.4.0-117.132UNKNOWN
ubuntu21.10noarchlinux< 5.13.0-41.46UNKNOWN
ubuntu18.04noarchlinux-aws< 4.15.0-1128.137UNKNOWN
ubuntu20.04noarchlinux-aws< 5.4.0-1078.84UNKNOWN
ubuntu21.10noarchlinux-aws< 5.13.0-1023.25UNKNOWN
ubuntu20.04noarchlinux-aws-5.13< 5.13.0-1023.25~20.04.1UNKNOWN
ubuntu18.04noarchlinux-aws-5.4< 5.4.0-1078.84~18.04.1UNKNOWN
ubuntu16.04noarchlinux-aws-hwe< 4.15.0-1128.137~16.04.1UNKNOWN
ubuntu20.04noarchlinux-azure< 5.4.0-1083.87UNKNOWN
Rows per page:
1-10 of 511

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

0

Percentile

14.1%