CVE-2022-3061

MEDIUM

Linux Kernel - Memory Corruption

Title source: llm

Description

Found Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver through ioctl() interface. The driver doesn't check the value of 'pixclock', so it may cause a divide by zero error.

References (3)

[Mailing List, Patch, Vendor Advisory] https://git.kernel.org/pub/scm/linux/kernel/git/deller/linux-fbdev.git/commit/?id=15cf0b82271b1823fb02ab8c377badba614d95d5

[Mailing List, Third Party Advisory] https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html

[Third Party Advisory] https://www.debian.org/security/2022/dsa-5257

Scores

CVSS v3 5.5

EPSS 0.0003

EPSS Percentile 6.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-369

Status published

Affected Products (3)

linux/linux_kernel

debian/debian_linux

Timeline

Published Sep 01, 2022

Tracked Since Feb 18, 2026