vulnerability
Arch Linux: Classic Buffer Overflow (CVE-2022-36280)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:S/C:N/I:P/A:C) | Sep 9, 2022 | Jul 11, 2025 | Nov 27, 2025 |
Severity
7
CVSS
(AV:N/AC:M/Au:S/C:N/I:P/A:C)
Published
Sep 9, 2022
Added
Jul 11, 2025
Modified
Nov 27, 2025
Description
An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).
Solution
arch-linux-upgrade-latest
References
- CVE-2022-36280
- https://attackerkb.com/topics/CVE-2022-36280
- URL-https://bugzilla.openanolis.cn/show_bug.cgi?id=2071
- URL-https://lists.debian.org/debian-lts-announce/2023/03/msg00000.html
- URL-https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html
- URL-https://www.debian.org/security/2023/dsa-5324
- CWE-120
- CWE-787
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.