Published: 30/11/2022 Updated: 08/08/2023

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 0

g810-led 0.4.2, a LED configuration tool for Logitech Gx10 keyboards, contained a udev rule to make supported device nodes world-readable and writable, allowing any process on the system to read traffic from keyboards, including sensitive data.

Vulnerable Product	Search on Vulmon	Subscribe to Product
g810-led project g810-led 0.4.2
debian debian linux 10.0

Debian Bug report logs - #1024998 g810-led: Security risk: Leaves /dev/input/event* with read and write permissions for all users (CVE-2022-46338) Package: g810-led; Maintainer for g810-led is Stephen Kitt <skitt@debianorg>; Source for g810-led is src:g810-led (PTS, buildd, popcon) Reported by: Xavi Drudis Ferran <xdrudi ...

whiptail is now fixed, archfi and archdi are still dialog based but I will add the choice between the two for next release : pagureio/newt/issue/22 pagureio/newt/issue/23 I released a new version for g810-led which fixes CVE-2022-46338 (wwwcveorg/CVERecord?id=CVE-2022-46338) If you love your HP48 calculator from your studies and want it on Linux, h

CWE-732 https://github.com/MatMoul/g810-led/pull/297 https://bugs.debian.org/1024998 https://lists.debian.org/debian-lts-announce/2022/12/msg00002.html https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024998 https://nvd.nist.gov https://github.com/MatMoul/matmoul

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2022-46338

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect