Security Bulletin
This security bulletin contains one low risk vulnerability.
EUVDB-ID: #VU72502
Risk: Low
CVSSv3.1: 5.2 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-30339
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition in firmware. A local administrator can trigger an out-of-bounds read error and cause a denial of service condition on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsXPS 17 9720: before 3.10.100.4572
XPS 17 9710: before 3.10.100.4477
XPS 17 9700: before 3.10.100.4140
XPS 15 9520: before 3.10.100.4572
XPS 15 9510: before 3.10.100.4477
XPS 15 9500: before 3.10.100.4140
XPS 13 9320: before 3.10.100.4572
XPS 13 9315 2-in-1: before 3.10.100.4572
XPS 13 9315: before 3.10.100.4572
XPS 13 9310 2-in-1: before 3.10.100.4477
XPS 13 9310: before 3.12.1
Vostro 7620: before 3.10.100.4572
Vostro 7510: before 3.10.100.4477
Vostro 7500: before 3.10.100.4140
Vostro 5620: before 3.10.100.4572
Vostro 5510: before 3.10.100.4477
Vostro 5502: before 3.10.100.4477
Vostro 5410: before 3.10.100.4477
Vostro 5402: before 3.10.100.4477
Vostro 5320: before 3.10.100.4572
Vostro 5310: before Pending
Vostro 5301: before 3.10.100.4477
Vostro 5300: before 3.10.100.4140
Precision 7770: before 3.10.100.4572
Precision 7750: before 3.10.100.4140
Precision 7670: before 3.10.100.4572
Precision 7550: before 3.10.100.4140
Precision 5770: before 3.10.100.4572
Precision 5760: before 3.10.100.4477
Precision 5750: before 3.10.100.4140
Precision 5570: before 3.10.100.4572
Precision 5560: before 3.10.100.4477
Precision 5550: before 3.10.100.4140
Precision 5470: before 3.10.100.4572
Precision 3571: before 3.10.100.4572
Precision 3570: before 3.10.100.4572
Precision 3561: before 3.10.100.4477
Precision 3560: before 3.10.100.4477
Precision 3470: before 3.10.100.4572
Latitute 5421: before 3.10.100.4477
Latitude 9520: before 3.10.100.4477
Latitude 9510: before 3.10.100.4140
Latitude 9420: before 3.10.100.4477
Latitude 9410: before 3.10.100.4140
Latitude 7530: before 3.10.100.4572
Latitude 7520: before 3.10.100.4477
Latitude 7430: before 3.10.100.4572
Latitude 7420: before 3.10.100.4477
Latitude 7410: before 3.10.100.4140
Latitude 7330: before 3.10.100.4572
Latitude 7320 Detachable: before 3.10.100.4477
Latitude 7320: before 3.10.100.4477
Latitude 7310: before 3.10.100.4140
Latitude 7210 2-in-1: before 3.10.100.4140
Latitude 5531: before 3.10.100.4572
Latitude 5530: before 3.10.100.4572
Latitude 5521: before 3.10.100.4477
Latitude 5520: before 3.10.100.4477
Latitude 5431: before 3.10.100.4572
Latitude 5430: before 3.10.100.4572
Latitude 5420: before 3.10.100.4477
Latitude 5330: before 3.10.100.4572
Latitude 5320: before 3.10.100.4477
Latitude 5310 2-IN-1: before 3.10.100.4140
Latitude 3530: before 3.10.100.4572
Latitude 3520: before 3.10.100.4477
Latitude 3510: before 3.10.100.4140
Latitude 3430: before 3.10.100.4572
Latitude 3420: before 3.10.100.4477
Latitude 3410: before 3.10.100.4140
Latitude 3330: before Pending
Latitude 3320: before 3.10.100.4477
Inspiron 7706 2-in-1: before 3.10.100.4477
Inspiron 7620: before 3.10.100.4572
Inspiron 7610: before 3.10.100.4477
Inspiron 7510: before 3.10.100.4477
Inspiron 7506 2-in-1: before 3.10.100.4477
Inspiron 7501: before 3.10.100.4140
Inspiron 7500 2-in-1 Black: before 3.10.100.4140
Inspiron 7500: before 3.10.100.4140
Inspiron 7420: before 3.10.100.4572
Inspiron 7400: before 3.10.100.4477
Inspiron 7306 2-in-1: before 3.10.100.4477
Inspiron 7300 2-in-1: before 3.10.100.4140
Inspiron 7300: before 3.10.100.4477
Inspiron 5620: before 3.10.100.4572
Inspiron 5510: before 3.10.100.4477
Inspiron 5509: before 3.10.100.4477
Inspiron 5502: before 3.10.100.4477
Inspiron 5420: before 3.10.100.4572
Inspiron 5409: before 3.10.100.4477
Inspiron 5406 2-in-1: before 3.10.100.4477
Inspiron 5402: before 3.10.100.4477
Inspiron 5320: before 3.10.100.4572
Inspiron 5310: before Pending
Inspiron 5301: before 3.10.100.4477
Inspiron 5300: before 3.10.100.4140
Inspiron 16 Plus 7620: before 3.10.100.4572
Inspiron 14 Plus 7420: before 3.10.100.4572
Inspiron 14 5410 2-in-1: before 3.10.100.4477
Dell G7 17 7700: before 3.10.100.4140
Dell G7 15 7500: before 3.10.100.4140
Dell G5 15 5500: before 3.10.100.4140
Dell G3 3500: before 3.10.100.4140
Alienware x17 R2: before 3.1.0.4572
Alienware x17 R1: before 3.1.0.4477
Alienware x15 R2: before 3.1.0.4572
Alienware x15 R1: before 3.1.0.4477
Alienware x14: before 3.1.0.4572
Alienware m17 R4: before 3.1.0.4140
Alienware m17 R3: before 3.1.0.4140
Alienware m15 R4: before 3.1.0.4140
Alienware m15 R3: before 3.1.0.4140
Latitude 5421: before 1.18.0
External linkshttp://www.dell.com/support/kbdoc/nl-nl/000208514/dsa-2023-066
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.