Lucene search

K
ubuntucveUbuntu.comUB:CVE-2022-3239
HistorySep 19, 2022 - 12:00 a.m.

CVE-2022-3239

2022-09-1900:00:00
ubuntu.com
ubuntu.com
17
linux
kernel
video4linux
driver
cve-2022-3239
flaw
use after free
empia 28xx
tv cards
local user
crash
system
escalate privileges
unix

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0

Percentile

5.1%

A flaw use after free in the Linux kernel video4linux driver was found in
the way user triggers em28xx_usb_probe() for the Empia 28xx based TV cards.
A local user could use this flaw to crash the system or potentially
escalate their privileges on the system.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlinux< 4.15.0-200.211UNKNOWN
ubuntu20.04noarchlinux< 5.4.0-117.132UNKNOWN
ubuntu22.04noarchlinux< 5.15.0-35.36UNKNOWN
ubuntu16.04noarchlinux< 4.4.0-235.269UNKNOWN
ubuntu18.04noarchlinux-aws< 4.15.0-1146.158UNKNOWN
ubuntu20.04noarchlinux-aws< 5.4.0-1078.84UNKNOWN
ubuntu22.04noarchlinux-aws< 5.15.0-1009.11UNKNOWN
ubuntu14.04noarchlinux-aws< 4.4.0-1114.120UNKNOWN
ubuntu16.04noarchlinux-aws< 4.4.0-1152.167UNKNOWN
ubuntu18.04noarchlinux-aws-5.4< 5.4.0-1078.84~18.04.1UNKNOWN
Rows per page:
1-10 of 581

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0

Percentile

5.1%