CVE-2022-2873

Name
CVE-2022-2873
Description
An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data. This flaw allows a local user to crash the system.
NVD Severity
medium
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC https://lore.kernel.org/lkml/20220729093451.551672-1-zheyuma97@gmail.com/T/
Third Party Advisory https://security.netapp.com/advisory/ntap-20230120-0001/
Third Party Advisory https://www.debian.org/security/2023/dsa-5324
MLIST https://lists.debian.org/debian-lts-announce/2023/03/msg00000.html
MLIST https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html
https://lore.kernel.org/lkml/20220729093451.551672-1-zheyuma97%40gmail.com/T/

Match rules

CPE URI Source package Min version Max version
cpe:2.3:o:linux:linux_kernel:5.19:rc1:*:*:*:*:*:* linux_kernel == None == 5.19

Vulnerable and fixed packages

Source package Branch Version Maintainer Status