CVE-2022-3061

MEDIUM

Linux Kernel - Memory Corruption

Title source: llm

Description

Found Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver through ioctl() interface. The driver doesn't check the value of 'pixclock', so it may cause a divide by zero error.

References (3)

[Third Party Advisory] https://www.debian.org/security/2022/dsa-5257

[Mailing List, Third Party Advisory] https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html

[Mailing List, Patch, Vendor Advisory] https://git.kernel.org/pub/scm/linux/kernel/git/deller/linux-fbdev.git/commit/?id=15cf0b82271b1823fb02ab8c377badba614d95d5

Scores

CVSS v3 5.5

EPSS 0.0002

EPSS Percentile 6.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-369

Status published

Products (3)

debian/debian_linux 10.0

debian/debian_linux 11.0

linux/linux_kernel 5.18 rc5

Published Sep 01, 2022

Tracked Since Feb 18, 2026