A user-provided integer option was passed to nmreq_copyin() without checking if it would overflow. This insufficient bounds checking could lead to kernel memory corruption.
On systems configured to include netmap in their devfs_ruleset, a privileged process running in a jail can affect the host environment.
References
Configurations
No configuration.
History
01 Aug 2024, 13:42
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
CWE | CWE-120 |
22 Mar 2024, 19:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
15 Feb 2024, 05:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-02-15 05:15
Updated : 2024-08-01 13:42
NVD link : CVE-2022-23085
Mitre link : CVE-2022-23085
CVE.ORG link : CVE-2022-23085
JSON object : View
Products Affected
No product.
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')