How severe is CVE-2022-0185?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.4 out of 10.

What type of vulnerability is CVE-2022-0185?

This is classified as CWE-190, which is a common weakness in software security.

CVE-2022-0185 - HIGH Severity | CVSS 8.4

Vulnerability Description

A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged (in case of unprivileged user namespaces enabled, otherwise needs namespaced CAP_SYS_ADMIN privilege) local user able to open a filesystem that does not support the Filesystem Context API (and thus fallbacks to legacy handling) could use this flaw to escalate their privileges on the system.

Related Vulnerabilities

CVE-2017-13323

HIGH

CVSS:8.4(High)

In String16 of String16.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege in an unprivileged process with no additional executio...

CWE-1902017

CVE-2018-9363

HIGH

CVSS:8.4(High)

In the hidp_process_report in bluetooth, there is an integer overflow. This could lead to an out of bounds write with no additional execution privileges needed. User interaction is not needed for expl...

CWE-1902018

CVE-2021-1913

HIGH

CVSS:8.4(High)

Possible integer overflow due to improper length check while updating grace period and count record in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdrag...

CWE-1902021

CVE-2021-1949

HIGH

CVSS:8.4(High)

Possible integer overflow due to improper check of batch count value while sanitizer is enabled in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Ind...

CWE-1902021

CVE-2022-1754

HIGH

CVSS:8.4(High)

Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.2.

CWE-1902022

CVE-2024-23695

HIGH

CVSS:8.4(High)

In CacheOpPMRExec of cache_km.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege in the kernel with no additional execution privile...

CWE-1902024