← back
CVE-2022-2873

CVE-2022-2873

EPSS 0.3%CWE-131
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 0.3%KEV nãoPoC Patch referenciado
Lifecycle
22 Aug 2022Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data. This flaw allows a local user to crash the system.
Affected products
n/a · Kernel

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://lists.debian.org/debian-lts-announce/2023/03/msg00000.htmlhttps://lists.debian.org/debian-lts-announce/2023/05/msg00006.htmlhttps://lore.kernel.org/lkml/20220729093451.551672-1-zheyuma97%40gmail.com/T/https://security.netapp.com/advisory/ntap-20230120-0001/https://www.debian.org/security/2023/dsa-5324