CVE-2022-38457

CVSS v2.0

8.5

High

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel's vmwgfx driver (affected versions not specified)

Description A use-after-free (UAF) vulnerability was found in the vmw cmd res check function in drivers/gpu/vmxgfx/vmxgfx execbuf.c. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service (DoS). The vulnerability is related to the device file /dev/dri/renderD128 (or Dxxx).

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2023:7077

ALT-PU-2023-1086

ALT-PU-2023-1126

ALT-PU-2023-1684

ALT-PU-2023-1741

ALT-PU-2023-1814

ALT-PU-2023-4894

ALT-PU-2024-4263

ALT-PU-2024-4843

AZL-10902

BDU:2022-05657

CESA-2023_6901

CESA-2023_7077

CVE-2022-38457

OPENSUSE-SU-2023_3599-1

OPENSUSE-SU-2023_3599-2

OPENSUSE-SU-2023_3656-1

OPENSUSE-SU-2023_3704-1

OPENSUSE-SU-2023_3704-2

OPENSUSE-SU-2023_3971-1

OPENSUSE-SU-2023_3988-1

OPENSUSE-SU-2024_3190-1

OPENSUSE-SU-2024_3209-1

OPENSUSE-SU-2024_3483-1

RHSA-2023:6583

RHSA-2023:6901

RHSA-2023:7077

RHSA-2023_6583

RHSA-2023_6901

RHSA-2023_7077

RHSA-2024:0930

RHSA-2024:1404

RHSA-2024:4823

RHSA-2024:4831

SUSE-SU-2023:3599-1

SUSE-SU-2023:3599-2

SUSE-SU-2023:3656-1

SUSE-SU-2023:3971-1

SUSE-SU-2023:3988-1

SUSE-SU-2024:3190-1

SUSE-SU-2024:3209-1

SUSE-SU-2024:3483-1

Affected Products

Alt Linux

Almalinux

Centos

Debian

Linux Kernel

Red Hat

Suse

CVE-2022-38457

Weakness Enumeration

Related Identifiers

Affected Products

References · 880