How severe is CVE-2022-42432?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.1 out of 10.

What type of vulnerability is CVE-2022-42432?

This is classified as CWE-457, which is a common weakness in software security.

CVE-2022-42432

MEDIUM Year: 2022

CVSS v3 Score

5.1

Medium

Weakness Type

CWE-457

View all →

Vulnerability Description

This vulnerability allows local attackers to disclose sensitive information on affected installations of the Linux Kernel 6.0-rc2. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the nft_osf_eval function. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the kernel. Was ZDI-CAN-18540.

CVE-2021-21966

MEDIUM

CVSS:5.3(Medium)

An information disclosure vulnerability exists in the HTTP Server /ping.html functionality of Texas Instruments CC3200 SimpleLink Solution NWP 2.9.0.0. A specially-crafted HTTP request can lead to an ...

CWE-4572021

CVE-2023-31192

MEDIUM

CVSS:5.3(Medium)

An information disclosure vulnerability exists in the ClientConnect() functionality of SoftEther VPN 5.01.9674. A specially crafted network packet can lead to a disclosure of sensitive information. An...

CWE-4572023

CVE-2025-40575

MEDIUM

CVSS:5.3(Medium)

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices do not properly validate incoming Profinet packets. An unauthenticated remote attacker can...

CWE-4572025

CVE-2019-1010317

MEDIUM

CVSS:5.5(Medium)

WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: ParseCaffHeaderConfig (caff.c:486). ...

CWE-4572019

CVE-2019-1010319

MEDIUM

CVSS:5.5(Medium)

WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: ParseWave64HeaderConfig (wave64.c:21...

CWE-4572019

CVE-2021-44003

MEDIUM

CVSS:5.5(Medium)

A vulnerability has been identified in JT2Go (All versions < V13.2.0.5), Teamcenter Visualization (All versions < V13.2.0.5). The Tiff_Loader.dll is vulnerable to use of uninitialized memory while par...

CWE-4572021

CVE-2022-42432

Vulnerability Description

Related Vulnerabilities

CVE-2021-21966

CVE-2023-31192

CVE-2025-40575

CVE-2019-1010317

CVE-2019-1010319

CVE-2021-44003