CVE-2022-25479
Realtek RtsPer Card Reader Driver vulnerability analysis and mitigation

Overview

A vulnerability in Realtek RtsPer driver for PCIe Card Reader (RtsPer.sys) before 10.0.22000.21355 and Realtek RtsUer driver for USB Card Reader (RtsUer.sys) before 10.0.22000.31274 allows for the leakage of kernel memory from both the stack and the heap. The vulnerability affects numerous laptops from major manufacturers, including Dell, Lenovo, HP, and MSI (Cybersecurity News).

Technical details

The vulnerability (CVE-2022-25479) enables non-privileged users to leak kernel memory through improperly handled SCSI commands. The issue resides in the handlers of READ CAPACITY and vendor-specific commands that fail to properly validate buffer sizes when copying data. The vulnerability has a CVSS v3.1 base score of 5.5 (Medium) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

Impact

The vulnerability affects multiple SD card reader models including RTS5227, RTS5228, RTS522A, RTS5249, RTS524A, RTS5250, RTS525A, RTS5287, RTS5260, RTS5261, and RTS5264. Due to the widespread use of these readers in laptops from various manufacturers, the potential impact is significant. The flaw could lead to information disclosure and potential system compromise (ZwClose Blog).

Mitigation and workarounds

Realtek has released patches for these vulnerabilities. The fixed version of RtsPer.sys is 10.0.26100.21374 or higher, released in July or August 2023. Users of affected laptops are strongly advised to update their SD card reader drivers through their respective OEM channels (ZwClose Blog).

Additional resources


SourceThis report was generated using AI

Free Vulnerability Assessment

Benchmark your Cloud Security Posture

Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.

Request assessment

Get a personalized demo

Ready to see Wiz in action?

"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management