CVE-2022-0330

HIGH

Linux kernel's GPU i915 - Memory Corruption

Title source: llm

Description

A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system.

References (4)

[Mailing List, Third Party Advisory] http://www.openwall.com/lists/oss-security/2022/11/30/1

[Issue Tracking, Third Party Advisory] https://bugzilla.redhat.com/show_bug.cgi?id=2042404

[Third Party Advisory] https://security.netapp.com/advisory/ntap-20220526-0001/

[Mailing List, Third Party Advisory] https://www.openwall.com/lists/oss-security/2022/01/25/12

Scores

CVSS v3 7.8

EPSS 0.0004

EPSS Percentile 11.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-281

Status published

Products (49)

fedoraproject/fedora 34

fedoraproject/fedora 35

linux/linux_kernel 5.17 (2 CPE variants)

linux/linux_kernel < 5.17

netapp/h300e_firmware

netapp/h300s_firmware

netapp/h410c_firmware

netapp/h410s_firmware

netapp/h500e_firmware

netapp/h500s_firmware

... and 39 more

Published Mar 25, 2022

Tracked Since Feb 18, 2026