Use of NullPointerException Catch to Detect NULL Pointer Dereference

CVE-2022-29508

Medium

6.3/10

Summary

Null pointer dereference in the Intel(R) VROC software before version 7.7.6.1003 may allow an authenticated user to potentially enable escalation of privilege via local access.

Attack Complexity: HIGH
Attack Vector: LOCAL
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: LOW
Confidentiality Impact: HIGH
Availability Impact: HIGH

CWE-395 - Use of NullPointerException Catch to Detect NULL Pointer Dereference

Catching NullPointerException should not be used as an alternative to programmatic checks to prevent dereferencing a null pointer.

References

Advisory Timeline

Published May 10, 2023

Use of NullPointerException Catch to Detect NULL Pointer Dereference

CVE-2022-29508

Summary

CWE-395 - Use of NullPointerException Catch to Detect NULL Pointer Dereference

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS