Vulnerability Details CVE-2022-40673
KDiskMark before 3.1.0 lacks authorization checking for D-Bus methods such as Helper::flushPageCache.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 10.4%
CVSS Severity
CVSS v3 Score 7.8
References
- http://www.openwall.com/lists/oss-security/2022/09/14/1
- https://github.com/JonMagon/KDiskMark/commit/3c90083a4f5ba3f240a797e509d818221542bbdc
- https://github.com/JonMagon/KDiskMark/compare/3.0.0...3.1.0
- https://github.com/JonMagon/KDiskMark/releases/tag/3.1.0
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YYO3GWTNPHNCLHSI562Q3KX43PW7FQ4Q/
- http://www.openwall.com/lists/oss-security/2022/09/14/1
- https://github.com/JonMagon/KDiskMark/commit/3c90083a4f5ba3f240a797e509d818221542bbdc
- https://github.com/JonMagon/KDiskMark/compare/3.0.0...3.1.0
- https://github.com/JonMagon/KDiskMark/releases/tag/3.1.0
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YYO3GWTNPHNCLHSI562Q3KX43PW7FQ4Q/
Products affected by CVE-2022-40673
-
cpe:2.3:a:kdiskmark_project:kdiskmark:1.4.1
-
cpe:2.3:a:kdiskmark_project:kdiskmark:1.4.2
-
cpe:2.3:a:kdiskmark_project:kdiskmark:1.4.3
-
cpe:2.3:a:kdiskmark_project:kdiskmark:1.5.0
-
cpe:2.3:a:kdiskmark_project:kdiskmark:1.5.1
-
cpe:2.3:a:kdiskmark_project:kdiskmark:1.6.0
-
cpe:2.3:a:kdiskmark_project:kdiskmark:1.6.1
-
cpe:2.3:a:kdiskmark_project:kdiskmark:1.6.2
-
cpe:2.3:a:kdiskmark_project:kdiskmark:2.0.0
-
cpe:2.3:a:kdiskmark_project:kdiskmark:2.1.0
-
cpe:2.3:a:kdiskmark_project:kdiskmark:2.1.1
-
cpe:2.3:a:kdiskmark_project:kdiskmark:2.2.0
-
cpe:2.3:a:kdiskmark_project:kdiskmark:2.2.1
-
cpe:2.3:a:kdiskmark_project:kdiskmark:2.3.0
-
cpe:2.3:a:kdiskmark_project:kdiskmark:3.0.0
-
cpe:2.3:o:fedoraproject:fedora:36