CVE-2022-41218 — Vulnetix

CVE-2022-41218 PUBLISHED CVSS 9.300000190734863 CRITICAL

Es existiert eine Schwachstelle im Linux Kernel aufgrund eines use-after-free Fehlers. Betroffen ist die Komponente "drivers/media/dvb-core/dmxdev.c" mit den Funktionen "dvb_demux_open" und "dvb_dmxdev_release". Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um nicht näher spezifizierte Auswirkungen zu verursachen.

EPSS 0.49% · 66.0th percentile

Risk Scores

CVSS 4.0

9.300000190734863

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

EPSS Score

0.49%

66.0th percentile

Affected Products

Vendor	Product	Versions
Ubuntu	Ubuntu Linux
Juniper	Juniper EX Series 4600
Juniper	Juniper JUNOS ACX7100-32C
Juniper	Juniper JUNOS Evolved
Juniper	Juniper JUNOS ACX7100-48L
Juniper	Juniper JUNOS PTX Series
Oracle	Oracle VM
Juniper	Juniper EX Series 4100
Juniper	Juniper JUNOS
Oracle	Oracle Linux
Juniper	Juniper JUNOS ACX7024
Red Hat	Red Hat Enterprise Linux
Debian	Debian Linux
Juniper	Juniper MX Series
Juniper	Juniper EX Series EX9200
SUSE	SUSE Linux
Siemens	Siemens SIMATIC S7 1500 TM MFP
Dell	Dell ECS <3.8.1.0
Juniper	Juniper EX Series 4400
Juniper	Juniper QFX Series 5000

…and 5 more

Exploit Intelligence

Vulnerability Details for CVE-2022-41218 (github-poc)
Vulnerability Details for CVE-2022-41218 (github-poc)
Vulnerability Details for CVE-2022-41218 (github-poc)
Vulnerability Details for CVE-2022-41218 (github-poc)
Vulnerability Details for CVE-2022-41218 (github-poc)
http://www.openwall.com/lists/oss-security/2022/09/23/4 (nist-nvd)
http://www.openwall.com/lists/oss-security/2022/09/24/1 (nist-nvd)
CVE-2022-32250.yara (github-yara)
CVE-2022-32250.yara (github-yara)
CVE-2022-32250.yara (github-yara)

…and 2 more exploits

Timeline

Sep 21, 2022 CVE Published
Sep 21, 2022 EPSS Score
Oct 1, 2022 EPSS Score
Nov 5, 2022 EPSS Score
Dec 19, 2022 EPSS Score
Feb 2, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 19, 2023 EPSS Score
May 3, 2023 EPSS Score
Jun 16, 2023 EPSS Score
Jul 31, 2023 EPSS Score
Sep 14, 2023 EPSS Score

References

https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0064.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0064 advisory
https://supportportal.juniper.net/JSA11272 advisory
https://supportportal.juniper.net/JSA75233 advisory
https://supportportal.juniper.net/JSA75721 advisory
https://supportportal.juniper.net/JSA75723 advisory
https://supportportal.juniper.net/JSA75725 advisory
https://supportportal.juniper.net/JSA75727 advisory
https://supportportal.juniper.net/JSA75729 advisory
https://supportportal.juniper.net/JSA75730 advisory
https://supportportal.juniper.net/JSA75733 advisory
https://supportportal.juniper.net/JSA75734 advisory
https://supportportal.juniper.net/JSA75735 advisory
https://supportportal.juniper.net/JSA75736 advisory
https://supportportal.juniper.net/JSA75737 advisory
https://supportportal.juniper.net/JSA75738 advisory
https://supportportal.juniper.net/JSA75740 advisory
https://supportportal.juniper.net/JSA75741 advisory
https://supportportal.juniper.net/JSA75742 advisory
https://supportportal.juniper.net/JSA75743 advisory

…and 98 more

Open in Interactive Console →