Headline
CVE-2022-23467: Out of Bounds Read in OpenRazer Driver
OpenRazer is an open source driver and user-space daemon to control Razer device lighting and other features on GNU/Linux. Using a modified USB device an attacker can leak stack addresses of the razer_attr_read_dpi_stages, potentially bypassing KASLR. To exploit this vulnerability an attacker would need to access to a users keyboard or mouse or would need to convince a user to use a modified device. The issue has been patched in v3.5.1. Users are advised to upgrade and should be reminded not to plug in unknown USB devices.
Moderate
z3ntu published GHSA-39hg-jvc9-fg7h
Dec 4, 2022
Package
OpenRazer
Affected versions
<= v3.5.0
Patched versions
v3.5.1
Description
Impact
Using a modified USB device an attacker can leak stack addresses of the razer_attr_read_dpi_stages, potentially bypassing KASLR.
Patches
The issue has been patched in v3.5.1.
Workarounds
Don’t plug unknown USB devices into your computer.
References
- 33aa7f0
Severity
Moderate
4.0
/ 10
CVSS base metrics
Attack vector
Physical
Attack complexity
High
Privileges required
Low
User interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE ID
CVE-2022-23467
Weaknesses
CWE-125
Credits
- Kwstubbs