Vulnerability Details : CVE-2022-2652
Potential exploit
Depending on the way the format strings in the card label are crafted, it's possible to leak kernel stack memory. There is also the possibility for DoS due to the v4l2loopback kernel module crashing when providing the card label on request (reproduce e.g. with many %s modifiers in a row).
Vulnerability category: Overflow, Denial of service
Products affected by CVE-2022-2652
- cpe:2.3:o:v4l2loopback_project:v4l2loopback:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2022-2652
0.04% (probability of exploitation activity in the next 30 days)
CVSS scores for CVE-2022-2652
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.3 | HIGH | CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:L | 1.5 | 5.3 | huntr.dev | |
6.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H | 0.8 | 5.2 | NIST | |
CWE ids for CVE-2022-2652
- The product uses a function that accepts a format string as an argument, but the format string originates from an external source. Assigned by: security@huntr.dev (Primary)
References for CVE-2022-2652
- https://github.com/umlaeute/v4l2loopback/commit/e4cd225557486c420f6a34411f98c575effd43dd
  add explicit format specifier to printf() invocations · umlaeute/v4l2loopback@e4cd225 · GitHub (Patch; Third Party Advisory)
- https://huntr.dev/bounties/1b055da5-7a9e-4409-99d7-030280d242d5
  huntr - The world’s first bug bounty platform for AI/ML (Exploit; Issue Tracking; Patch; Third Party Advisory)