CVE-2022-25479
First published: Tue Jul 02 2024(Updated: )
Vulnerability in Realtek RtsPer driver for PCIe Card Reader (RtsPer.sys) before 10.0.22000.21355 and Realtek RtsUer driver for USB Card Reader (RtsUer.sys) before 10.0.22000.31274 allows for the leakage of kernel memory from both the stack and the heap.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Realtek RtsPer | <10.0.22000.21355 | |
| Realtek RTSUER | <10.0.22000.31274 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2022-25479?
CVE-2022-25479 is classified as a medium severity vulnerability that allows for kernel memory leakage.
How do I fix CVE-2022-25479?
To mitigate CVE-2022-25479, update the Realtek RtsPer driver to version 10.0.22000.21355 or later and the RtsUer driver to version 10.0.22000.31274 or later.
What systems are affected by CVE-2022-25479?
CVE-2022-25479 affects systems using the Realtek RtsPer driver for PCIe Card Reader and the RtsUer driver for USB Card Reader prior to specific versions.
What kind of data is at risk with CVE-2022-25479?
CVE-2022-25479 poses a risk of leaking sensitive kernel memory data from both the stack and the heap.
Who is the vendor responsible for CVE-2022-25479?
The vendor responsible for CVE-2022-25479 is Realtek Semiconductor Corp.
- agent/type
- agent/description
- agent/first-publish-date
- agent/author
- agent/event
- agent/weakness
- agent/softwarecombine
- agent/references
- agent/severity
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/realtek
- canonical/realtek rtsper
- canonical/realtek rtsuer