How severe is CVE-2022-33740?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.1 out of 10.

What type of vulnerability is CVE-2022-33740?

This is classified as CWE-212, which is a common weakness in software security.

CVE-2022-33740 - HIGH Severity | CVSS 7.1

Vulnerability Description

Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740). Additionally the granularity of the grant table doesn't allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742).

Related Vulnerabilities

CVE-2021-33080

MEDIUM

CVSS:6.8(Medium)

Exposure of sensitive system information due to uncleared debug information in firmware for some Intel(R) SSD DC, Intel(R) Optane(TM) SSD and Intel(R) Optane(TM) SSD DC Products may allow an unauthent...

CWE-2122021

CVE-2020-11198

MEDIUM

CVSS:6.7(Medium)

Key material used for TZ diag buffer encryption and other data related to log buffer is not wiped securely due to improper usage of memset in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivi...

CWE-2122020

CVE-2002-0704

HIGH

CVSS:7.5(High)

The Network Address Translation (NAT) capability for Netfilter ("iptables") 1.2.6a and earlier leaks translated IP addresses in ICMP error messages.

CWE-2122002

CVE-2018-6337

HIGH

CVSS:7.5(High)

folly::secureRandom will re-use a buffer between parent and child processes when fork() is called. That will result in multiple forked children producing repeat (or similar) results. This affects HHVM...

CWE-2122018

CVE-2019-20637

HIGH

CVSS:7.5(High)

An issue was discovered in Varnish Cache before 6.0.5 LTS, 6.1.x and 6.2.x before 6.2.2, and 6.3.x before 6.3.1. It does not clear a pointer between the handling of one client request and the next req...

CWE-2122019

CVE-2020-1940

HIGH

CVSS:7.5(High)

The optional initial password change and password expiration features present in Apache Jackrabbit Oak 1.2.0 to 1.22.0 are prone to a sensitive information disclosure vulnerability. The code mandates ...

CWE-2122020