CVE - CVE-2022-3170

CVE-ID
CVE-2022-3170	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
An out-of-bounds access issue was found in the Linux kernel sound subsystem. It could occur when the 'id->name' provided by the user did not end with '\0'. A privileged local user could pass a specially crafted name through ioctl() interface and crash the system or potentially escalate their privileges on the system.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://github.com/torvalds/linux/commit/5934d9a0383619c14df91af8fd76261dc3de2f5f URL:https://github.com/torvalds/linux/commit/5934d9a0383619c14df91af8fd76261dc3de2f5f MISC:https://github.com/torvalds/linux/commit/6ab55ec0a938c7f943a4edba3d6514f775983887 URL:https://github.com/torvalds/linux/commit/6ab55ec0a938c7f943a4edba3d6514f775983887
Assigning CNA
Red Hat, Inc.
Date Record Created
20220909	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20220909)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)