Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog
Консоль
Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog

exploitDog

ubuntu Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2022-23219

ΠžΠΏΡƒΠ±Π»ΠΈΠΊΠΎΠ²Π°Π½ΠΎ: 14 янв. 2022
Π˜ΡΡ‚ΠΎΡ‡Π½ΠΈΠΊ: ubuntu
ΠŸΡ€ΠΈΠΎΡ€ΠΈΡ‚Π΅Ρ‚: low
EPSS Низкий
CVSS2: 7.5
CVSS3: 9.8

ОписаниС

The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
bionic

DNE

devel

DNE

esm-infra-legacy/trusty

needed

esm-infra/focal

DNE

focal

DNE

impish

DNE

jammy

DNE

kinetic

DNE

lunar

DNE

mantic

DNE

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
bionic

released

2.27-3ubuntu1.5
devel

not-affected

2.35-0ubuntu1
esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

2.27-3ubuntu1.5
esm-infra/focal

not-affected

2.31-0ubuntu9.7
esm-infra/xenial

released

2.23-0ubuntu11.3+esm1
focal

released

2.31-0ubuntu9.7
impish

released

2.34-0ubuntu3.2
jammy

not-affected

2.35-0ubuntu1
kinetic

not-affected

2.35-0ubuntu1

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Бсылки Π½Π° источники

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 61%
0.00417
Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3

БвязанныС уязвимости

redhat Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2022-23219

CVSS3: 7
redhat
большС 7 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.

nvd Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2022-23219

CVSS3: 9.8
nvd
большС 3 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.

msrc Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2022-23219

CVSS3: 9.8
msrc
большС 3 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

ОписаниС отсутствуСт

debian Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2022-23219

CVSS3: 9.8
debian
большС 3 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

The deprecated compatibility function clnt_create in the sunrpc module ...

github Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

GHSA-fhxm-4mc9-6jf5

CVSS3: 9.8
github
большС 3 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 61%
0.00417
Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ CVE-2022-23219