PT-2022-7667 · Realtek · Realtek Rtsuer Driver For Usb Card Reader+1
Published
2022-05-05
·
Updated
2024-11-04
·
CVE-2022-25480
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Realtek RtsPer driver for PCIe Card Reader versions prior to 10.0.22000.21355
Realtek RtsUer driver for USB Card Reader versions prior to 10.0.22000.31274
Description
The issue is related to a buffer overflow in memory, allowing an attacker to write data to kernel memory beyond the system buffer of the IRP. This can be exploited by writing to kernel memory beyond the SystemBuffer of the IRP.
Recommendations
For Realtek RtsPer driver for PCIe Card Reader versions prior to 10.0.22000.21355, update to version 10.0.22000.21355 or later.
For Realtek RtsUer driver for USB Card Reader versions prior to 10.0.22000.31274, update to version 10.0.22000.31274 or later.
Fix
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Realtek Rtsper Driver For Pcie Card Reader
Realtek Rtsuer Driver For Usb Card Reader