CVE-2022-28197

MEDIUM Year: 2022
CVSS v3 Score
5.0
Medium
CVSS v2 Score
4.4
Medium
Weakness Type
CWE-190
View all →

Vulnerability Description

NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot ext4_mount function, where Insufficient validation of untrusted data may allow a highly privileged local attacker to cause an integer overflow. This difficult-to-exploit vulnerability may lead to code execution, escalation of privileges, limited denial of service, and some impact to confidentiality and integrity. The scope of impact can extend to other components.

Related Vulnerabilities

CVE-2019-8354

MEDIUM
CVSS:5.0(Medium)

An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c has an integer overflow on the result of multiplication fed into malloc. When the buffer is allocated, it is smaller than expected...

CWE-1902019

CVE-2021-0919

MEDIUM
CVSS:5.0(Medium)

In getService of IServiceManager.cpp, there is a possible unhandled exception due to an integer overflow. This could lead to local denial of service making the lockscreen unusable with no additional e...

CWE-1902021

CVE-2021-43784

MEDIUM
CVSS:5.0(Medium)

runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc, netlink is used internally as a serialization system for specifying the relevant container ...

CWE-1902021

CVE-2018-7194

MEDIUM
CVSS:4.9(Medium)

Integer format vulnerability in the ticket number generator in Enhancesoft osTicket before 1.10.2 allows remote attackers to cause a denial-of-service (preventing the creation of new tickets) via a la...

CWE-1902018

CVE-2019-1010249

MEDIUM
CVSS:4.9(Medium)

The Linux Foundation ONOS 2.0.0 and earlier is affected by: Integer Overflow. The impact is: A network administrator (or attacker) can install unintended flow rules in the switch by mistake. The compo...

CWE-1902019