CVE-2022-25480

July 2, 2024, 7:15 p.m.

None
No Score

Description

Vulnerability in Realtek RtsPer driver for PCIe Card Reader (RtsPer.sys) before 10.0.22000.21355 and Realtek RtsUer driver for USB Card Reader (RtsUer.sys) before 10.0.22000.31274 allows writing to kernel memory beyond the SystemBuffer of the IRP.

Product(s) Impacted

Product Versions
Realtek RtsPer driver for PCIe Card Reader
  • ['before 10.0.22000.21355']
Realtek RtsUer driver for USB Card Reader
  • ['before 10.0.22000.31274']

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

http://realtek.com
https://gist.github.com/zwclose/feb16f1424779a61cb1d9f6d5681408a
https://www.realtek.com/images/safe-report/Realtek_RtsPer_RtsUer_Security_Advisory_Report.pdf

Tags

cve@mitre.org
2024-07-02
CVE-2022-25480

Timeline

Published: July 2, 2024, 7:15 p.m.
Last Modified: July 2, 2024, 7:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.