CVE-2022-23852

CWE-190 — Integer Overflow11 documents10 sources

Severity

9.8CRITICAL

EPSS

1.7%

top 17.68%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Platform External/expat Libexpat Project Libexpat Siemens Sinema Remote Connect Server +3 more

Timeline

PublishedJan 24

Latest updateSep 1

Description

Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages6 packages

▶NVDlibexpat_project/libexpat< 2.4.4

▶Androidplatform/external/expat10:0 — 10:2022-09-01+3

▶Debianexpat< 2.2.10-2+deb11u1+3

▶NVDtenable/nessus10.0.0 — 10.1.1+1

▶NVDsiemens/sinema_remote_connect_server< 3.1

Also affects: Debian Linux 9.0

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

OSV

CVE-2022-23852: In XML_GetBuffer of xmlparse↗2022-09-01

▶

GHSA

GHSA-h83g-c7g2-6r9h: Expat (aka libexpat) before 2↗2022-02-10

▶

OSV

CVE-2022-23852: Expat (aka libexpat) before 2↗2022-01-24

▶

CVEList

CVE-2022-23852: Expat (aka libexpat) before 2↗2022-01-24

▶

📋Vendor Advisories

Android

CVE-2022-23852: Android Security Bulletin 2022-09-01 CVE: CVE-2022-23852 Severity: HIGH Type: EoP Affected AOSP versions: 10, 11, 12, 12L References: A-221255869↗2022-09-01

▶

Ubuntu

Expat vulnerabilities↗2022-02-21

▶

Red Hat

expat: Integer overflow in function XML_GetBuffer↗2022-01-23

▶

Microsoft

Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer for configurations with a nonzero XML_CONTEXT_BYTES.↗2022-01-11

▶

Debian

CVE-2022-23852: expat - Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer...↗2022

▶