CVE-2022-3061
MediumFound Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver through ioctl() interface. The driver doesn't check the value of 'pixclock', so it may cause a divide by zero error.
CVSS 3.1 score
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Weakness type
CWE-369CVE-2022-3061 is a Divide By Zero vulnerability
What is Divide By Zero?
The product divides a value by zero, causing a crash or unexpected behaviour. Learn more on MITRE CWE
References
The following references provide additional information about CVE-2022-3061 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.
-
Mailing List Third Party Advisory
-
Debian Securityhttps://www.debian.org/security/2022/dsa-5257Third Party Advisory
-
PatchKernel patch commithttps://git.kernel.org/pub/scm/linux/kernel/git/deller/linux-fbdev.git/commit/?id=15cf0b82271b1823fb02ab8c377badba614d95d5
Frequently asked questions
-
What is CVE-2022-3061?
CVE-2022-3061 is a Medium severity Linux kernel vulnerability with a CVSS score of 5.5 out of 10 , classified as a Divide By Zero flaw (CWE-369) . CVE-2022-3061 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
-
What is the CVSS score for CVE-2022-3061?
CVE-2022-3061 has a CVSS score of 5.5 out of 10, rated Medium severity (CVSS 3.1). The vector string is
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H. -
Is there a patch available for CVE-2022-3061?
No patch is currently available for CVE-2022-3061. Monitor the NIST NVD and your Linux distribution's security advisories for updates.
-
Is CVE-2022-3061 actively exploited?
No — CVE-2022-3061 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.
-
What is Divide By Zero (CWE-369)?
The product divides a value by zero, causing a crash or unexpected behaviour. View CWE-369 on MITRE CWE →