CVE-2022-22707 — Out-of-bounds Write in Lighttpd

CWE-787 — Out-of-bounds Write7 documents6 sources

Severity

5.9MEDIUMNVD

EPSS

1.5%

top 18.92%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Lighttpd Debian Lighttpd Debian Linux

Timeline

PublishedJan 6

Latest updateFeb 28

Description

In lighttpd 1.4.46 through 1.4.63, the mod_extforward_Forwarded function of the mod_extforward plugin has a stack-based buffer overflow (4 bytes representing -1), as demonstrated by remote denial of service (daemon crash) in a non-default configuration. The non-default configuration requires handling of the Forwarded header in a somewhat unusual manner. Also, a 32-bit system is much more likely to be affected than a 64-bit system.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.2 | Impact: 3.6

Affected Packages4 packages

▶debiandebian/lighttpd< lighttpd 1.4.64-1 (bookworm)

▶Debianlighttpd/lighttpd< 1.4.59-1+deb11u1+3

▶Ubuntulighttpd/lighttpd< 1.4.55-1ubuntu1.20.04.2+1

▶NVDlighttpd/lighttpd1.4.46 — 1.4.63

Also affects: Debian Linux 10.0, 11.0

🔴Vulnerability Details

OSV

lighttpd vulnerabilities↗2023-02-28

▶

GHSA

GHSA-j3jp-95wp-9q83: In lighttpd 1↗2022-01-07

▶

CVEList

CVE-2022-22707: In lighttpd 1↗2022-01-06

▶

OSV

CVE-2022-22707: In lighttpd 1↗2022-01-06

▶

📋Vendor Advisories

Ubuntu

lighttpd vulnerabilities↗2023-02-28

▶

Debian

CVE-2022-22707: lighttpd - In lighttpd 1.4.46 through 1.4.63, the mod_extforward_Forwarded function of the ...↗2022

▶