CVE-2022-2211
published 2022-07-12CVE-2022-2211: A vulnerability was found in libguestfs. This issue occurs while calculating the greatest possible number of matching keys in the get_keys() function. This…
medium6.5CVSS 3.1
AVNACLPRNUIRSUCNINAH
A vulnerability was found in libguestfs. This issue occurs while calculating the greatest possible number of matching keys in the get_keys() function. This flaw leads to a denial of service, either by mistake or malicious actor.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | guestfs-tools | < guestfs-tools 1.48.2-1+deb12u1 (bookworm) | guestfs-tools 1.48.2-1+deb12u1 (bookworm) |
| debian | libguestfs | < guestfs-tools 1.48.2-1+deb12u1 (bookworm) | guestfs-tools 1.48.2-1+deb12u1 (bookworm) |
| libguestfs | libguestfs | >= 0 < 1:1.46.2-1 | 1:1.46.2-1 |
| libguestfs | libguestfs | >= 0 < 1:1.46.2-1 | 1:1.46.2-1 |
| libguestfs | libguestfs | >= 0 < 1:1.46.2-1 | 1:1.46.2-1 |
| redhat | enterprise_linux | — | — |
| redhat | enterprise_linux | — | — |
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
osv6.5MEDIUM
GHSA
GHSA-8rvm-f29f-fjx6: A vulnerability was found in libguestfs
ghsa_unreviewed·2022-07-13
CVE-2022-2211 [MEDIUM] CWE-120 GHSA-8rvm-f29f-fjx6: A vulnerability was found in libguestfs
A vulnerability was found in libguestfs. This issue occurs while calculating the greatest possible number of matching keys in the get_keys() function. This flaw leads to a denial of service, either by mistake or malicious actor.
OSV
CVE-2022-2211: A vulnerability was found in libguestfs
osv·2022-07-12·CVSS 6.5
CVE-2022-2211 [MEDIUM] CVE-2022-2211: A vulnerability was found in libguestfs
A vulnerability was found in libguestfs. This issue occurs while calculating the greatest possible number of matching keys in the get_keys() function. This flaw leads to a denial of service, either by mistake or malicious actor.
Red Hat
libguestfs: Buffer overflow in get_keys leads to DoS
vendor_redhat·2022-06-24·CVSS 6.5
CVE-2022-2211 [MEDIUM] CWE-119 libguestfs: Buffer overflow in get_keys leads to DoS
libguestfs: Buffer overflow in get_keys leads to DoS
A vulnerability was found in libguestfs. This issue occurs while calculating the greatest possible number of matching keys in the get_keys() function. This flaw leads to a denial of service, either by mistake or malicious actor.
A vulnerability was found in libguestfs. This issue occurs while calculating the greatest possible number of matching keys in the get_keys() function. This flaw leads to a denial of service, either by mistake or malicious actor.
Package: libguestfs (Red Hat Enterprise Linux 6) - Out of support scope
Package: libguestfs (Red Hat Enterprise Linux 7) - Out of support scope
Package: virt-v2v (Red Hat Enterprise Linux 8) - Affected
Package: virt:8.2/libguestfs (Red Hat Enterprise Linux 8 Advanced Virtualization)
Debian
CVE-2022-2211: guestfs-tools - A vulnerability was found in libguestfs. This issue occurs while calculating the...
vendor_debian·2022·CVSS 6.5
CVE-2022-2211 [MEDIUM] CVE-2022-2211: guestfs-tools - A vulnerability was found in libguestfs. This issue occurs while calculating the...
A vulnerability was found in libguestfs. This issue occurs while calculating the greatest possible number of matching keys in the get_keys() function. This flaw leads to a denial of service, either by mistake or malicious actor.
Scope: local
bookworm: resolved (fixed in 1.48.2-1+deb12u1)
forky: resolved (fixed in 1.48.3-4)
sid: resolved (fixed in 1.48.3-4)
trixie: resolved (fixed in 1.48.3-4)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2022-07-12
Published