A memory corruption vulnerability exists in the libpthread linuxthreads functionality of uClibC 0.9.33.2 and uClibC-ng 1.0.40. Thread allocation can lead to memory corruption. An attacker can create threads to trigger this vulnerability.
{
"cna_assigner": "talos",
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/29xxx/CVE-2022-29503.json",
"cwe_ids": [
"CWE-119"
],
"unresolved_ranges": [
{
"source": "AFFECTED_FIELD",
"extracted_events": [
{
"introduced": "2.1.8.8h"
},
{
"last_affected": "2.1.8.8h"
},
{
"introduced": "2.1.8.8h"
},
{
"last_affected": "2.1.8.8h"
},
{
"introduced": "2.1.8.8h"
},
{
"last_affected": "2.1.8.8h"
},
{
"introduced": "2.1.8.8h"
},
{
"last_affected": "2.1.8.8h"
},
{
"introduced": "0.9.33.2"
},
{
"last_affected": "0.9.33.2"
},
{
"introduced": "0.9.33.2"
},
{
"last_affected": "0.9.33.2"
},
{
"introduced": "0.9.33.2"
},
{
"last_affected": "0.9.33.2"
},
{
"introduced": "0.9.33.2"
},
{
"last_affected": "0.9.33.2"
},
{
"introduced": "1.0.40"
},
{
"last_affected": "1.0.40"
}
]
}
]
}