Vulnerabilities > CVE-2022-43590 - NULL Pointer Dereference vulnerability in Callback Cbfs Filter 20.0.8317

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

callback

CWE-476

NVD

Published: 2022-11-28

Updated: 2023-02-07

Summary

A null pointer dereference vulnerability exists in the handle_ioctl_0x830a0_systembuffer functionality of Callback technologies CBFS Filter 20.0.8317. A specially crafted I/O request packet (IRP) can lead to denial of service. An attacker can issue an ioctl to trigger this vulnerability.

Vulnerable Configurations

Part	Description	Count
Application	Callback Callback Cbfs Filter 20.0.8317	1

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

References

https://talosintelligence.com/vulnerability_reports/TALOS-2022-1649