CVE-2022-2639

HIGH Year: 2022
CVSS v3 Score
7.8
High
Weakness Type
CWE-192
View all →

Vulnerability Description

An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system.

Related Vulnerabilities

CVE-2014-125011

HIGH
CVSS:7.8(High)

A vulnerability was found in FFmpeg 2.0. It has been declared as problematic. Affected by this vulnerability is the function decode_frame of the file libavcodec/ansi.c. The manipulation leads to integ...

CWE-1922014

CVE-2021-32996

HIGH
CVSS:7.5(High)

The FANUC R-30iA and R-30iB series controllers are vulnerable to integer coercion errors, which cause the device to crash. A restart is required.

CWE-1922021

CVE-2014-125011

HIGH
CVSS:7.8(High)

A vulnerability was found in FFmpeg 2.0. It has been declared as problematic. Affected by this vulnerability is the function decode_frame of the file libavcodec/ansi.c. The manipulation leads to integ...

CWE-1922014

CVE-2021-32996

HIGH
CVSS:7.5(High)

The FANUC R-30iA and R-30iB series controllers are vulnerable to integer coercion errors, which cause the device to crash. A restart is required.

CWE-1922021

CVE-2014-125012

MEDIUM
CVSS:5.5(Medium)

A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is an unknown function of the file libavcodec/dxtroy.c. The manipulation leads to integer coercion error. It is...

CWE-1922014