First published: Fri Sep 16 2022(Updated: )
An integer overflow vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).
Credit: security@openanolis.org security@openanolis.org
Affected Software | Affected Version | How to fix |
---|---|---|
Linux Kernel | ||
IBM Security QRadar | <=7.5 - 7.5.0 UP8 IF01 | |
debian/linux | 5.10.223-1 5.10.234-1 6.1.129-1 6.1.128-1 6.12.20-1 6.12.21-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-36402 has a high severity rating due to its potential to allow local attackers to escalate privileges.
To fix CVE-2022-36402, update the affected software or kernel versions to the recommended patched versions.
CVE-2022-36402 affects IBM QRadar SIEM and specific versions of the Linux kernel.
CVE-2022-36402 can only be exploited locally by authenticated users on the affected systems.
CVE-2022-36402 is classified as an integer overflow vulnerability within the vmwgfx driver of the Linux kernel.