CVE-2022-2873

MEDIUM Year: 2022
CVSS v3 Score
5.5
Medium
Weakness Type
CWE-131
View all →

Vulnerability Description

An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data. This flaw allows a local user to crash the system.

Related Vulnerabilities

CVE-2017-14934

MEDIUM
CVSS:5.5(Medium)

process_debug_info in dwarf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite loop) via a ...

CWE-1312017

CVE-2019-5696

MEDIUM
CVSS:5.5(Medium)

NVIDIA Virtual GPU Manager, all versions, contains a vulnerability in which the provision of an incorrectly sized buffer by a guest VM leads to GPU out-of-bound access, which may lead to a denial of s...

CWE-1312019

CVE-2020-14385

MEDIUM
CVSS:5.5(Medium)

A flaw was found in the Linux kernel before 5.9-rc4. A failure of the file system metadata validator in XFS can cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt....

CWE-1312020

CVE-2021-29521

MEDIUM
CVSS:5.5(Medium)

TensorFlow is an end-to-end open source platform for machine learning. Specifying a negative dense shape in `tf.raw_ops.SparseCountSparseOutput` results in a segmentation fault being thrown out from t...

CWE-1312021

CVE-2021-29542

MEDIUM
CVSS:5.5(Medium)

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow by passing crafted inputs to `tf.raw_ops.StringNGrams`. This is because the implemen...

CWE-1312021

CVE-2021-29545

MEDIUM
CVSS:5.5(Medium)

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a `CHECK`-fail in converting sparse tensors to CSR Sparse matrices. This is becau...

CWE-1312021