OpenRazer is an open source driver and user-space daemon to control Razer device lighting and other features on GNU/Linux. Using a modified USB device an attacker can leak stack addresses of the razer_attr_read_dpi_stages, potentially bypassing KASLR. To exploit this vulnerability an attacker would need to access to a users keyboard or mouse or would need to convince a user to use a modified device. The issue has been patched in v3.5.1. Users are advised to upgrade and should be reminded not to plug in unknown USB devices.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/23xxx/CVE-2022-23467.json",
"cna_assigner": "GitHub_M",
"cwe_ids": [
"CWE-125"
]
}{
"cpe": "cpe:2.3:a:openrazer_project:openrazer:*:*:*:*:*:linux:*:*",
"extracted_events": [
{
"introduced": "0"
},
{
"fixed": "3.5.1"
}
],
"source": [
"CPE_RANGE",
"REFERENCES"
]
}[
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"21016965312225172488447817061522967650",
"59827577791532700401720178085770606050",
"159152515289133669525804506311563790580"
]
},
"target": {
"file": "driver/razercommon.c"
},
"id": "CVE-2022-23467-33594fea",
"signature_version": "v1",
"signature_type": "Line",
"source": "https://github.com/openrazer/openrazer/commit/33aa7f07d54ae066f201c6d298cb4a2181cb90e6",
"deprecated": false
},
{
"digest": {
"function_hash": "292990378799845319763936035513001335407",
"length": 793.0
},
"target": {
"function": "razer_get_usb_response",
"file": "driver/razercommon.c"
},
"id": "CVE-2022-23467-44de9647",
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/openrazer/openrazer/commit/33aa7f07d54ae066f201c6d298cb4a2181cb90e6",
"deprecated": false
}
]
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-23467.json"
"2026-07-09T02:49:33Z"