CVE-2022-47520

Published: Dic 18, 2022 Last Modified: Apr 17, 2025 EU-VD ID: EUVD-2022-50281 Aliases: GSD-2022-47520
ExploitDB:
Other exploit source:
Google Dorks:
HIGH 7,1
Source: [email protected]
Attack Vector: local
Attack Complexity: low
Privileges Required: low
User Interaction: none
Scope: unchanged
Confidentiality: high
Integrity: none
Availability: high

Description

AI Translation Available

An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless driver can trigger an out-of-bounds read when parsing a Robust Security Network (RSN) information element from a Netlink packet.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0003
Percentile
0,1th
Updated

EPSS Score Trend (Last 90 Days)

125

Out-of-bounds Read

Draft
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Confidentiality Availability Other
Potential Impacts:
Read Memory Bypass Protection Mechanism Dos: Crash, Exit, Or Restart Varies By Context
Applicable Platforms
Languages: C, C++, Memory-Unsafe
Technologies: ICS/OT
View CWE Details
Operating System

Debian Linux by Debian

Product Information
Vendor Debian
Product Debian Linux
Version 10.0
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

H410C Firmware by Netapp

Product Information
Vendor Netapp
Product H410C Firmware
Version -
cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Linux Kernel by Linux

Product Information
Vendor Linux
Product Linux Kernel
Version Range Affected
From 4.2.0 (inclusive)
To 5.10.157 (exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

H700S Firmware by Netapp

Product Information
Vendor Netapp
Product H700S Firmware
Version -
cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

H300S Firmware by Netapp

Product Information
Vendor Netapp
Product H300S Firmware
Version -
cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

H500S Firmware by Netapp

Product Information
Vendor Netapp
Product H500S Firmware
Version -
cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Linux Kernel by Linux

Product Information
Vendor Linux
Product Linux Kernel
Version Range Affected
From 5.11 (inclusive)
To 5.15.81 (exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Linux Kernel by Linux

Product Information
Vendor Linux
Product Linux Kernel
Version Range Affected
From 5.16 (inclusive)
To 6.0.11 (exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

H410S Firmware by Netapp

Product Information
Vendor Netapp
Product H410S Firmware
Version -
cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://github.com/torvalds/linux/commit/cd21d99e595ec1d872…
Patch Third Party Advisory
https://github.com/torvalds/linux/commit/cd21d99e595ec1d8721e1058dcdd4f1f7de1d7…
https://lists.debian.org/debian-lts-announce/2022/12/msg000…
Mailing List Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/12/msg00031.html
https://lore.kernel.org/r/20221123153543.8568-2-philipturnb…
https://lore.kernel.org/r/20221123153543.8568-2-philipturnbull%40github.com
https://security.netapp.com/advisory/ntap-20230113-0007/
Third Party Advisory
https://security.netapp.com/advisory/ntap-20230113-0007/
https://github.com/torvalds/linux/commit/cd21d99e595ec1d872…
Patch Third Party Advisory
https://github.com/torvalds/linux/commit/cd21d99e595ec1d8721e1058dcdd4f1f7de1d7…
https://lists.debian.org/debian-lts-announce/2022/12/msg000…
Mailing List Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/12/msg00031.html
https://lore.kernel.org/r/20221123153543.8568-2-philipturnb…
https://lore.kernel.org/r/20221123153543.8568-2-philipturnbull%40github.com
https://security.netapp.com/advisory/ntap-20230113-0007/
Third Party Advisory
https://security.netapp.com/advisory/ntap-20230113-0007/