How severe is CVE-2022-41686?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.4 out of 10.

What type of vulnerability is CVE-2022-41686?

This is classified as CWE-787, which is a common weakness in software security.

CVE-2022-41686 - MEDIUM Severity | CVSS 4.4

Vulnerability Description

OpenHarmony-v3.1.2 and prior versions, 3.0.6 and prior versions have an Out-of-bound memory read and write vulnerability in /dev/mmz_userdev device driver. The impact depends on the privileges of the attacker. The unprivileged process run on the device could read out-of-bound memory leading sensitive to information disclosure. The processes with system user UID run on the device would be able to write out-of-bound memory which could lead to unspecified memory corruption.

Related Vulnerabilities

CVE-2016-5238

MEDIUM

CVSS:4.4(Medium)

The get_cmd function in hw/scsi/esp.c in QEMU might allow local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to reading from th...

CWE-7872016

CVE-2019-3701

MEDIUM

CVSS:4.4(Medium)

An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13. The CAN frame modification rules allow bitwise logical operations that can be also applied to the can_dlc...

CWE-7872019

CVE-2020-12358

MEDIUM

CVSS:4.4(Medium)

Out of bounds write in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable denial of service via local access.

CWE-7872020

CVE-2020-24480

MEDIUM

CVSS:4.4(Medium)

Out-of-bounds write in the Intel(R) XTU before version 6.5.3.25 may allow a privileged user to potentially enable denial of service via local access.

CWE-7872020

CVE-2021-20491

MEDIUM

CVSS:4.4(Medium)

IBM Spectrum Protect Server 7.1 and 8.1 is subject to a stack-based buffer overflow caused by improper bounds checking during the parsing of commands. By issuing such a command with an improper parame...

CWE-7872021

CVE-2022-36382

MEDIUM

CVSS:4.4(Medium)

Out-of-bounds write in firmware for some Intel(R) Ethernet Network Controllers and Adapters E810 Series before version 1.7.0.8 and some Intel(R) Ethernet 700 Series Controllers and Adapters before ver...

CWE-7872022