CVE-2022-2964
HIGHLinux Kernel >=4.20 <5.4.180 - Memory Corruption in ASIX AX88179_178A USB Ethernet Driver
Title source: llmDescription
A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes.
References (2)
Core 2
Core References
Issue Tracking, Patch, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2067482
Third Party Advisory
https://security.netapp.com/advisory/ntap-20230113-0001/
Scores
CVSS v3
7.8
EPSS
0.0003
EPSS Percentile
9.7%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-119
CWE-787
Status
published
Products (9)
linux/linux_kernel
4.20 - 5.4.180
netapp/h300s_firmware
netapp/h410c_firmware
netapp/h410s_firmware
netapp/h500s_firmware
netapp/h700s_firmware
redhat/enterprise_linux
7.0
redhat/enterprise_linux
8.0
redhat/enterprise_linux
9.0
Published
Sep 09, 2022
Tracked Since
Feb 18, 2026