CVE-2022-20369
Summary
| CVE | CVE-2022-20369 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2022-08-11 15:15:00 UTC |
|---|
| Updated | 2023-02-23 15:27:00 UTC |
|---|
| Description | In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-223375145References: Upstream kernel |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| [SECURITY] [DLA 3245-1] linux security update |
MLIST |
lists.debian.org |
|
| Pixel Update Bulletin—August 2022 | Android Open Source Project |
MISC |
source.android.com |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 180914 Debian Security Update for linux (CVE-2022-20369)
- 181565 Debian Security Update for linux (DLA 3245-1)
- 198980 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5668-1)
- 198987 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5677-1)
- 198990 Ubuntu Security Notification for Linux kernel (AWS) Vulnerabilities (USN-5682-1)
- 199011 Ubuntu Security Notification for Linux kernel (Azure CVM) Vulnerabilities (USN-5706-1)
- 199155 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5854-1)
- 199164 Ubuntu Security Notification for Linux kernel (Qualcomm Snapdragon) Vulnerabilities (USN-5862-1)
- 199165 Ubuntu Security Notification for Linux kernel (Dell300x) Vulnerabilities (USN-5861-1)
- 199169 Ubuntu Security Notification for Linux kernel (Azure) Vulnerabilities (USN-5865-1)
- 199502 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5975-1)
- 199541 Ubuntu Security Notification for Linux kernel (Azure) Vulnerabilities (USN-5924-1)
- 199566 Ubuntu Security Notification for Linux kernel (GCP) Vulnerabilities (USN-6007-1)
- 199567 Ubuntu Security Notification for Linux kernel (HWE) Vulnerabilities (USN-5883-1)
- 354081 Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.4-2022-036
- 354135 Amazon Linux Security Advisory for kernel : ALAS2-2022-1888
- 354251 Amazon Linux Security Advisory for kernel : ALAS-2022-1645
- 378043 Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX2-SA-2023:0011)
- 610432 Google Pixel Android August 2022 Security Patch Missing
- 672278 EulerOS Security Update for kernel (EulerOS-SA-2022-2686)
- 672286 EulerOS Security Update for kernel (EulerOS-SA-2022-2654)
- 752584 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:3265-1)
- 752589 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:3264-1)
- 752591 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:3274-1)
- 752592 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:3282-1)
- 752594 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:3293-1)
- 752596 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:3291-1)
- 752615 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:3408-1)
- 752632 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:3450-1)
- 753063 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:4617-1)
- 753167 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:3288-1)
- 753370 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:3609-1)
- 753374 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:3809-1)
- 753703 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:0416-1)
- 753707 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:0416-1)
- 753727 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:0416-1)
