CVE-2022-24705

EPSS 0.46%
Veröffentlicht 14.02.2022 22:15:08
Zuletzt bearbeitet 21.11.2024 06:50:54
Quelle cve_disclosure@tech.gov.sg
Teams Watchlist Login
Unerledigt Login

The rad_packet_recv function in radius/packet.c suffers from a memcpy buffer overflow, resulting in an overly-large recvfrom into a fixed buffer that causes a buffer overflow and overwrites arbitrary memory. If the server connects with a malicious client, crafted client requests can remotely trigger this vulnerability.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Accel-ppp ≫ Accel-ppp Version < 1.12.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.46%	0.631

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

https://github.com/accel-ppp/accel-ppp/pull/35

Patch

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-24705

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-24705

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-24705

EUVD