CVE-2022-23218 — Classic Buffer Overflow in Glibc

CWE-120 — Classic Buffer Overflow CWE-787 — Out-of-bounds Write11 documents9 sources

Severity

9.8CRITICALNVD

EPSS

0.4%

top 40.53%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

GNU Glibc Debian Linux Oracle Communications Cloud Native Core Unified Data Repository +1 more

Timeline

PublishedJan 14

Latest updateOct 15

Description

The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages4 packages

▶NVDgnu/glibc< 2.31

▶Debiangnu/glibc< 2.31-13+deb11u3+3

▶NVDoracle/enterprise_operations_monitor4.3, 4.4, 5.0+2

▶NVDoracle/communications_cloud_native_core_unified_data_repository22.2.0

Also affects: Debian Linux 10.0

Patches

Patch: www.oracle.com ↗Patch: www.oracle.com ↗

🔴Vulnerability Details

OSV

glibc vulnerabilities↗2022-03-07

▶

GHSA

GHSA-8g8v-256r-57v7: The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2↗2022-01-15

▶

CVEList

CVE-2022-23218: The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2↗2022-01-14

▶

OSV

CVE-2022-23218: The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2↗2022-01-14

▶

📋Vendor Advisories

Oracle

Oracle Oracle Communications Risk Matrix: Signaling (glibc) — CVE-2022-23218↗2022-10-15

▶

Ubuntu

GNU C Library vulnerabilities↗2022-03-07

▶

Ubuntu

GNU C Library vulnerabilities↗2022-03-01

▶

Red Hat

glibc: Stack-based buffer overflow in svcunix_create via long pathnames↗2022-01-12

▶

Microsoft

▶