Details of VAR-202302-1202

ID

VAR-202302-1202

CVE

CVE-2022-35883

TITLE

Intel's media software development kit In NULL Pointer dereference vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2022-019738

DESCRIPTION

NULL pointer dereference in the Intel(R) Media SDK software before version 22.2.2 may allow an authenticated user to potentially enable denial of service via local access. Intel's media software development kit for, NULL There is a vulnerability in pointer dereference.Service operation interruption (DoS) It may be in a state

Trust: 1.8

sources: NVD: CVE-2022-35883 // JVNDB: JVNDB-2022-019738 // VULHUB: VHN-432125 // VULMON: CVE-2022-35883

AFFECTED PRODUCTS

vendor:	intel	model:	media software development kit	scope:	lt	version:	22.2.2	Trust: 1.0
vendor:	インテル	model:	media software development kit	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	media software development kit	scope:	eq	version:	22.2.2	Trust: 0.8
vendor:	インテル	model:	media software development kit	scope:	eq	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2022-019738 // NVD: CVE-2022-35883

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-35883
value:	MEDIUM
Trust: 1.0
secure@intel.com:	CVE-2022-35883
value:	LOW
Trust: 1.0
NVD:	CVE-2022-35883
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202302-1325
value:	MEDIUM
Trust: 0.6

nvd@nist.gov:	CVE-2022-35883
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	3.6
version:	3.1
Trust: 1.0
secure@intel.com:	CVE-2022-35883
baseSeverity:	LOW
baseScore:	2.2
vectorString:	CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L
attackVector:	LOCAL
attackComplexity:	HIGH
privilegesRequired:	LOW
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	LOW
exploitabilityScore:	0.8
impactScore:	1.4
version:	3.1
Trust: 1.0
NVD:	CVE-2022-35883
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2022-019738 // CNNVD: CNNVD-202302-1325 // NVD: CVE-2022-35883 // NVD: CVE-2022-35883

PROBLEMTYPE DATA

problemtype:	CWE-476	Trust: 1.1
problemtype:	NULL Pointer dereference (CWE-476) [NVD evaluation ]	Trust: 0.8

sources: VULHUB: VHN-432125 // JVNDB: JVNDB-2022-019738 // NVD: CVE-2022-35883

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202302-1325

TYPE

code problem

Trust: 0.6

sources: CNNVD: CNNVD-202302-1325

PATCH

title:	Intel Media SDK Fixes for code issue vulnerabilities	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=226954	Trust: 0.6
title:	-	url:	https://github.com/Live-Hack-CVE/CVE-2022-35883	Trust: 0.1

sources: VULMON: CVE-2022-35883 // CNNVD: CNNVD-202302-1325

EXTERNAL IDS

db:	NVD	id:	CVE-2022-35883	Trust: 3.4
db:	JVN	id:	JVNVU91223897	Trust: 0.8
db:	JVNDB	id:	JVNDB-2022-019738	Trust: 0.8
db:	AUSCERT	id:	ESB-2023.0905	Trust: 0.6
db:	CNNVD	id:	CNNVD-202302-1325	Trust: 0.6
db:	VULHUB	id:	VHN-432125	Trust: 0.1
db:	VULMON	id:	CVE-2022-35883	Trust: 0.1

sources: VULHUB: VHN-432125 // VULMON: CVE-2022-35883 // JVNDB: JVNDB-2022-019738 // CNNVD: CNNVD-202302-1325 // NVD: CVE-2022-35883

REFERENCES

url:	http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00731.html	Trust: 2.6
url:	https://jvn.jp/vu/jvnvu91223897/	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2022-35883	Trust: 0.8
url:	https://cxsecurity.com/cveshow/cve-2022-35883/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2023.0905	Trust: 0.6
url:	https://github.com/live-hack-cve/cve-2022-35883	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULHUB: VHN-432125 // VULMON: CVE-2022-35883 // JVNDB: JVNDB-2022-019738 // CNNVD: CNNVD-202302-1325 // NVD: CVE-2022-35883

SOURCES

db:	VULHUB	id:	VHN-432125
db:	VULMON	id:	CVE-2022-35883
db:	JVNDB	id:	JVNDB-2022-019738
db:	CNNVD	id:	CNNVD-202302-1325
db:	NVD	id:	CVE-2022-35883

LAST UPDATE DATE

2024-08-14T12:49:53.773000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-432125	date:	2023-02-27T00:00:00
db:	VULMON	id:	CVE-2022-35883	date:	2023-02-17T00:00:00
db:	JVNDB	id:	JVNDB-2022-019738	date:	2023-10-27T05:32:00
db:	CNNVD	id:	CNNVD-202302-1325	date:	2023-02-28T00:00:00
db:	NVD	id:	CVE-2022-35883	date:	2023-02-27T19:09:51.903

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-432125	date:	2023-02-16T00:00:00
db:	VULMON	id:	CVE-2022-35883	date:	2023-02-16T00:00:00
db:	JVNDB	id:	JVNDB-2022-019738	date:	2023-10-27T00:00:00
db:	CNNVD	id:	CNNVD-202302-1325	date:	2023-02-16T00:00:00
db:	NVD	id:	CVE-2022-35883	date:	2023-02-16T21:15:13.087