CVE-2022-2652

EUVD-2022-34898
Depending on the way the format strings in the card label are crafted it's possible to leak kernel stack memory. There is also the possibility for DoS due to the v4l2loopback kernel module crashing when providing the card label on request (reproduce e.g. with many %s modifiers in a row).
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6 MEDIUM
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H
@huntrdevCNA
7.3 HIGH
LOCAL
LOW
HIGH
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 16%
Affected Products (NVD)
VendorProductVersion
v4l2loopback_projectv4l2loopback
𝑥
< 0.12.6
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
v4l2loopback
bookworm
0.12.7-2
fixed
bullseye
unimportant
sid
0.13.2-1
fixed
trixie
0.13.2-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
v4l2loopback
bionic
needs-triage
focal
needs-triage
jammy
needs-triage
kinetic
ignored
lunar
ignored
mantic
ignored
noble
needs-triage
trusty
ignored
xenial
needs-triage
Common Weakness Enumeration
References
https://github.com/umlaeute/v4l2loopback/commit/e4cd225557486c420f6a34411f98c575effd43dd
https://huntr.dev/bounties/1b055da5-7a9e-4409-99d7-030280d242d5
https://github.com/umlaeute/v4l2loopback/commit/e4cd225557486c420f6a34411f98c575effd43dd
https://huntr.dev/bounties/1b055da5-7a9e-4409-99d7-030280d242d5