Incorrect Access of Indexable Resource ('Range Error')

CVE-2022-36402

Medium

6.3/10

Summary

An integer overflow vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: LOW
Scope: UNCHANGED
User Interaction: REQUIRED
Privileges Required: LOW
Confidentiality Impact: NONE
Availability Impact: HIGH

CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The software does not restrict or incorrectly restricts operations within the boundaries of a resource that is accessed using an index or pointer, such as memory or files.

References

Advisory Timeline

Published Sep 16, 2022

Incorrect Access of Indexable Resource ('Range Error')

CVE-2022-36402

Summary

CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS