Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2022-23467
Modified
More InfoOfficial Page
Source-security-advisories@github.com
View Known Exploited Vulnerability (KEV) details
Published At-05 Dec, 2022 | 20:15
Updated At-03 Nov, 2025 | 20:15

OpenRazer is an open source driver and user-space daemon to control Razer device lighting and other features on GNU/Linux. Using a modified USB device an attacker can leak stack addresses of the `razer_attr_read_dpi_stages`, potentially bypassing KASLR. To exploit this vulnerability an attacker would need to access to a users keyboard or mouse or would need to convince a user to use a modified device. The issue has been patched in v3.5.1. Users are advised to upgrade and should be reminded not to plug in unknown USB devices.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.14.4MEDIUM
CVSS:3.1/AV:P/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
Primary3.14.6MEDIUM
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Type: Secondary
Version: 3.1
Base score: 4.4
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:P/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
Type: Primary
Version: 3.1
Base score: 4.6
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CPE Matches
openrazer_project
openrazer_project
>>openrazer>>Versions before 3.5.1(exclusive)
cpe:2.3:a:openrazer_project:openrazer:*:*:*:*:*:linux:*:*
Weaknesses
CWE IDTypeSource
CWE-125Secondarysecurity-advisories@github.com
CWE ID: CWE-125
Type: Secondary
Source: security-advisories@github.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/openrazer/openrazer/commit/33aa7f07d54ae066f201c6d298cb4a2181cb90e6security-advisories@github.com
Patch
Third Party Advisory
https://github.com/openrazer/openrazer/security/advisories/GHSA-39hg-jvc9-fg7hsecurity-advisories@github.com
Patch
Third Party Advisory
https://github.com/openrazer/openrazer/commit/33aa7f07d54ae066f201c6d298cb4a2181cb90e6af854a3a-2127-422b-91ae-364da2661108
Patch
Third Party Advisory
https://github.com/openrazer/openrazer/security/advisories/GHSA-39hg-jvc9-fg7haf854a3a-2127-422b-91ae-364da2661108
Patch
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2025/04/msg00032.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: https://github.com/openrazer/openrazer/commit/33aa7f07d54ae066f201c6d298cb4a2181cb90e6
Source: security-advisories@github.com
Resource:
Patch
Third Party Advisory
Hyperlink: https://github.com/openrazer/openrazer/security/advisories/GHSA-39hg-jvc9-fg7h
Source: security-advisories@github.com
Resource:
Patch
Third Party Advisory
Hyperlink: https://github.com/openrazer/openrazer/commit/33aa7f07d54ae066f201c6d298cb4a2181cb90e6
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Third Party Advisory
Hyperlink: https://github.com/openrazer/openrazer/security/advisories/GHSA-39hg-jvc9-fg7h
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Third Party Advisory
Hyperlink: https://lists.debian.org/debian-lts-announce/2025/04/msg00032.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Change History
0Changes found
Details not found