Cyber Resilience

CVE-2022-22942

High

Published: 13 December 2023

Modified: 21 November 2024
CVSS Score v3.1: 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.1353 (94.4th percentile)
Risk Priority: 24 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2022-22942 is a high-severity Use After Free (CWE-416) vulnerability in VMware Photon OS. Its CVSS base score is 7.8 (High).

Operationally, it is ranked in the top 5.6% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

Deeper analysis

The vmwgfx driver contains a use-after-free vulnerability (CWE-416) stemming from a dangling file pointer. This flaw affects the VMware graphics driver used in virtualized environments, notably within VMware Photon OS distributions, and carries a CVSS 3.1 base score of 7.8 reflecting local attack vector and high impact on confidentiality, integrity, and availability.

An unprivileged local user can exploit the dangling pointer to access files opened by other processes on the system, resulting in local privilege escalation. The attack requires no user interaction and operates with low complexity under the listed CVSS metrics.

Security updates addressing the issue are documented in VMware Photon OS advisories for versions 3.0-356 and 4.0-148, along with an oss-security disclosure from January 2022 that directs administrators to apply the corresponding kernel or driver patches. The associated EPSS score remains flat at a peak of 0.1353 with no material upward trajectory observed after disclosure.

Vulnerability details

The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by other processes on the system through a dangling 'file' pointer.

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor: vmware
Product: photon os
Versions: 3.0, 4.0

Mitigating Controls

Likely Mitigating Controls

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-416

Use-after-free exploits that achieve arbitrary code execution are blocked or made significantly harder by non-executable pages and ASLR.
