CVE-2022-45873

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-45873

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-45873.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-45873

Related

Published

2022-11-23T23:15:10Z

Modified

2024-09-18T03:23:11.883519Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

systemd 250 and 251 allows local users to achieve a systemd-coredump deadlock by triggering a crash that has a long backtrace. This occurs in parseelfobject in shared/elf-util.c. The exploitation methodology is to crash a binary calling the same function recursively, and put it in a deeply nested directory to make its backtrace large enough to cause the deadlock. This must be done 16 times when MaxConnections=16 is set for the systemd/units/systemd-coredump.socket file.

References

Affected packages

Debian:12 / systemd

Package

Name: systemd
Purl: pkg:deb/debian/systemd?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

252-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / systemd

Package

Name: systemd
Purl: pkg:deb/debian/systemd?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

252-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/systemd/systemd

Affected ranges

Type: GIT
Repo: https://github.com/systemd/systemd
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

076b807be472630692c5348c60d0c2b7b28ad437

Affected versions

Other

001

002

003

004

005

006

007

008

009

010

011

012

013

014

015

016

017

018

019

020

021

022

023

024

025

026

027

028

029

030

031

032

033

034

035

036

037

038

039

040

042

043

044

045

046

047

048

049

050

051

052

053

054

055

056

057

058

059

060

061

062

064

174

175

176

177

178

179

180

181

182

v10

v11

v12

v13

v14

v15

v16

v17

v18

v183

v184

v185

v186

v187

v188

v189

v19

v190

v191

v192

v193

v194

v195

v196

v197

v198

v199

v20

v200

v201

v202

v203

v204

v205

v206

v207

v208

v209

v21

v210

v211

v212

v213

v214

v215

v216

v217

v218

v219

v22

v220

v221

v222

v223

v224

v225

v226

v227

v228

v229

v23

v230

v231

v232

v233

v234

v235

v236

v237

v238

v239

v24

v240

v241

v241-rc1

v241-rc2

v242

v242-rc1

v242-rc2

v242-rc3

v242-rc4

v243

v243-rc1

v243-rc2

v244

v244-rc1

v245

v245-rc1

v245-rc2

v246

v246-rc1

v246-rc2

v247

v247-rc1

v247-rc2

v248

v248-2

v248-rc1

v248-rc2

v248-rc3

v248-rc4

v249

v249-rc1

v249-rc2

v249-rc3

v25

v250

v250-rc1

v250-rc2

v250-rc3

v251

v251-rc1

v251-rc2

v251-rc3

v252-rc1

v252-rc2

v26

v27

v28

v29

v30

v31

v32

v33

v34

v35

v36

v37

v38

v39

v40

v41

v42

v43

v44

v243.*

v243.1