CVE-2022-20162

Publication date 15 June 2022

Last updated 1 August 2025

Ubuntu priority

Medium

Why this priority?

Cvss 3 Severity Score

4.4 · Medium

Score breakdown

Description

In asn1_p256_int of crypto/asn1.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-223492713References: N/A

Read the notes from the security team

Status

Package Ubuntu Release Status

Notes

ebarretto

linux kernel for Android only.

Severity score breakdown

CVSS version: CVSS v3.0

Base score 4.4 · Medium

Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

References

Other references

Access our resources on patching vulnerabilities