CVE-2022-29023

Name
CVE-2022-29023
Description
A buffer overflow vulnerability exists in the razermouse driver of OpenRazer up to version v3.3.0 allows attackers to cause a Denial of Service (DoS) and possibly escalate their privileges via a crafted buffer sent to the matrix_custom_frame device.
NVD Severity
unknown
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC https://github.com/openrazer/openrazer/pull/1790
Exploit https://www.cyberark.com/resources/threat-research-blog/colorful-vulnerabilities
af854a3a-2127-422b-91ae-364da2661108 https://lists.debian.org/debian-lts-announce/2025/04/msg00032.html

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:openrazer_project:openrazer:*:*:*:*:*:*:*:* openrazer >= None < 3.3.0

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
openrazer edge-community 3.4.0-r0 None fixed
openrazer 3.22-community 3.4.0-r0 None fixed
openrazer 3.21-community 3.4.0-r0 None fixed
openrazer 3.20-community 3.4.0-r0 None fixed
openrazer 3.19-community 3.4.0-r0 None fixed
openrazer 3.18-community 3.4.0-r0 None fixed