CVE-2022-40732

MEDIUM Year: 2022
CVSS v3 Score
5.0
Medium
Weakness Type
CWE-476
View all →

Vulnerability Description

An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows 11 version 22000.593 and version 10.0.20348.643 as part of Windows Server 2022 version 20348.643. A specially-crafted set of syscalls can lead to a reboot. An unprivileged user can run specially-crafted code to trigger Denial Of Service.

Related Vulnerabilities

CVE-2016-2391

MEDIUM
CVSS:5.0(Medium)

The ohci_bus_start function in the USB OHCI emulation support (hw/usb/hcd-ohci.c) in QEMU allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process c...

CWE-4762016

CVE-2022-20521

MEDIUM
CVSS:5.0(Medium)

In sdpu_find_most_specific_service_uuid of sdp_utils.cc, there is a possible way to crash Bluetooth due to a missing null check. This could lead to local denial of service with no additional execution...

CWE-4762022

CVE-2022-40733

MEDIUM
CVSS:5.0(Medium)

An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows 11 version 22000.593 and version 10.0.20348.643 as part ...

CWE-4762022

CVE-2023-41234

MEDIUM
CVSS:5.0(Medium)

NULL pointer dereference in Intel(R) Power Gadget software for Windows all versions may allow an authenticated user to potentially enable denial of service via local access.

CWE-4762023

CVE-2024-34952

MEDIUM
CVSS:5.0(Medium)

taurusxin ncmdump v1.3.2 was discovered to contain a segmentation violation via the NeteaseCrypt::FixMetadata() function at /src/ncmcrypt.cpp. This vulnerability allows attackers to cause a Denial of ...

CWE-4762024