CVE-2022-29023

Published: May 20, 2022Modified: Jun 17, 2026

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

A buffer overflow vulnerability exists in the razermouse driver of OpenRazer up to version v3.3.0 allows attackers to cause a Denial of Service (DoS) and possibly escalate their privileges via a crafted buffer sent to the matrix_custom_frame device.

Affected (1)

Products: Openrazer Project: Openrazer

Openrazer Project

1 product

Openrazer

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Openrazer Project Openrazer	Before 3.3.0

Related CWEs

CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References (5)

https://github.com/openrazer/openrazer/pull/1790

Source: cve@mitre.org

PatchThird Party Advisory

https://www.cyberark.com/resources/threat-research-blog/colorful-vulnerabilities

Source: cve@mitre.org

ExploitThird Party Advisory

https://github.com/openrazer/openrazer/pull/1790

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

https://lists.debian.org/debian-lts-announce/2025/04/msg00032.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.cyberark.com/resources/threat-research-blog/colorful-vulnerabilities

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.