Lucene search
Ubuntu.comUB:CVE-2022-4964HistoryJan 23, 2024 - 12:00 a.m.
CVE-2022-4964
2024-01-2300:00:00
ubuntu.com
ubuntu.com
9
cve-2022-4964
ubuntu
pipewire-pulse
microphone access
snap interface
audio-record
bug
launchpad
eslerm
alexmurray
pulseaudio
focal
pipewire
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.5 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
15.7%
Ubuntu’s pipewire-pulse in snap grants microphone access even when the snap
interface for audio-record is not set.
Bugs
Notes
| Author | Note |
|---|---|
| eslerm | jammy uses pulseaudio by default, but affected if switched |
| alexmurray | pipewire in focal does not include pipewire-pulse and so is not affected |
Related
nvd
nvd
CVE-2022-4964
2024-01-24 01:15:07
debiancve
debiancve
CVE-2022-4964
2024-01-24 01:15:07
redhatcve
redhatcve
CVE-2022-4964
2024-01-25 18:11:11
veracode
veracode
Incorrect Default Permissions
2024-02-04 12:25:18
osv
osv
CVE-2022-4964
2024-01-24 01:15:07
cve
cve
CVE-2022-4964
2024-01-24 01:15:07
cvelist
cvelist
CVE-2022-4964
2024-01-24 00:58:14
prion
prion
Authentication flaw
2024-01-24 01:15:00
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.5 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
15.7%
Related for UB:CVE-2022-4964