CVE-2022-47022 — NULL Pointer Dereference in Hwloc

CWE-476 — NULL Pointer Dereference6 documents6 sources

Severity

4.7MEDIUMNVD

EPSS

0.0%

top 87.39%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Open-mpi Hwloc Debian Hwloc Msrc Azl3 Hwloc 2.9.2-2 ON Azure Linux 3.0 +2 more

Timeline

PublishedAug 22

Description

An issue was discovered in open-mpi hwloc 2.1.0 allows attackers to cause a denial of service or other unspecified impacts via glibc-cpuset in topology-linux.c.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.0 | Impact: 3.6

Affected Packages6 packages

▶Debianopen-mpi/hwloc< 2.9.3-1+1

▶NVDopen-mpi/hwloc2.1.0 — 2.9.2

▶msrcmsrc/azl3_hwloc_2.9.2-2_on_azure_linux_3.0

▶msrcmsrc/azl3_openmpi_4.1.7-2_on_azure_linux_3.0

▶debiandebian/hwloc< hwloc 2.9.3-1 (forky)

🔴Vulnerability Details

GHSA

GHSA-wrgx-2383-98cr: An issue was discovered in open-mpi hwloc 2↗2023-08-22

▶

OSV

CVE-2022-47022: An issue was discovered in open-mpi hwloc 2↗2023-08-22

▶

📋Vendor Advisories

Red Hat

hwloc: null pointer dereference bug in open-mpi hwloc↗2023-08-22

▶

Microsoft

An issue was discovered in open-mpi hwloc 2.1.0 allows attackers to cause a denial of service or other unspecified impacts via glibc-cpuset in topology-linux.c.↗2023-08-08

▶

Debian

CVE-2022-47022: hwloc - An issue was discovered in open-mpi hwloc 2.1.0 allows attackers to cause a deni...↗2022

▶