How severe is CVE-2022-48777?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2022-48777?

This is classified as CWE-476, which is a common weakness in software security.

CVE-2022-48777 - MEDIUM Severity | CVSS 5.5

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: mtd: parsers: qcom: Fix kernel panic on skipped partition In the event of a skipped partition (case when the entry name is empty) the kernel panics in the cleanup function as the name entry is NULL. Rework the parser logic by first checking the real partition number and then allocate the space and set the data for the valid partitions. The logic was also fundamentally wrong as with a skipped partition, the parts number returned was incorrect by not decreasing it for the skipped partitions.

Related Vulnerabilities

CVE-2001-1559

MEDIUM

CVSS:5.5(Medium)

The uipc system calls (uipc_syscalls.c) in OpenBSD 2.9 and 3.0 provide user mode return instead of versus rval kernel mode values to the fdrelease function, which allows local users to cause a denial ...

CWE-4762001

CVE-2010-0206

MEDIUM

CVSS:5.5(Medium)

xpdf allows remote attackers to cause a denial of service (NULL pointer dereference and crash) in the way it processes JBIG2 PDF stream objects.

CWE-4762010

CVE-2010-3079

MEDIUM

CVSS:5.5(Medium)

kernel/trace/ftrace.c in the Linux kernel before 2.6.35.5, when debugfs is enabled, does not properly handle interaction between mutex possession and llseek operations, which allows local users to cau...

CWE-4762010

CVE-2011-3637

MEDIUM

CVSS:5.5(Medium)

The m_stop function in fs/proc/task_mmu.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service (OOPS) via vectors that trigger an m_start error.

CWE-4762011

CVE-2011-4081

MEDIUM

CVSS:5.5(Medium)

crypto/ghash-generic.c in the Linux kernel before 3.1 allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact by triggering a fail...

CWE-4762011

CVE-2011-4594

MEDIUM

CVSS:5.5(Medium)

The __sys_sendmsg function in net/socket.c in the Linux kernel before 3.1 allows local users to cause a denial of service (system crash) via crafted use of the sendmmsg system call, leading to an inco...

CWE-4762011