CVE-2022-48732

HIGH Year: 2022
CVSS v3 Score
7.8
High
Weakness Type
CWE-193
View all →

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix off by one in BIOS boundary checking Bounds checking when parsing init scripts embedded in the BIOS reject access to the last byte. This causes driver initialization to fail on Apple eMac's with GeForce 2 MX GPUs, leaving the system with no working console. This is probably only seen on OpenFirmware machines like PowerPC Macs because the BIOS image provided by OF is only the used parts of the ROM, not a power-of-two blocks read from PCI directly so PCs always have empty bytes at the end that are never accessed.

Related Vulnerabilities

CVE-2002-0653

HIGH
CVSS:7.8(High)

Off-by-one buffer overflow in the ssl_compat_directive function, as called by the rewrite_command hook for mod_ssl Apache module 2.8.9 and earlier, allows local users to execute arbitrary code as the ...

CWE-1932002

CVE-2002-0844

HIGH
CVSS:7.8(High)

Off-by-one overflow in the CVS PreservePermissions of rcs.c for CVSD before 1.11.2 allows local users to execute arbitrary code.

CWE-1932002

CVE-2004-0346

HIGH
CVSS:7.8(High)

Off-by-one buffer overflow in _xlate_ascii_write() in ProFTPD 1.2.7 through 1.2.9rc2p allows local users to gain privileges via a 1024 byte RETR command.

CWE-1932004

CVE-2010-5331

HIGH
CVSS:7.8(High)

In the Linux kernel before 2.6.34, a range check issue in drivers/gpu/drm/radeon/atombios.c could cause an off by one (buffer overflow) problem. NOTE: At least one Linux maintainer believes that this ...

CWE-1932010

CVE-2017-9720

HIGH
CVSS:7.8(High)

In all Qualcomm products with Android releases from CAF using the Linux kernel, due to an off-by-one error in a camera driver, an out-of-bounds read/write can occur.

CWE-1932017

CVE-2019-13305

HIGH
CVSS:7.8(High)

ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced strncpy and an off-by-one error.

CWE-1932019