Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2022-45873
HistoryNov 23, 2022 - 11:15 p.m.

Design/Logic Flaw

2022-11-2323:15:00
PRIOn knowledge base
www.prio-n.com
10
systemd
coredump
deadlock
parse_elf_object
vulnerability
exploitation
nested directory
backtrace
maxconnections
systemd-coredump.socket

5.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

systemd 250 and 251 allows local users to achieve a systemd-coredump deadlock by triggering a crash that has a long backtrace. This occurs in parse_elf_object in shared/elf-util.c. The exploitation methodology is to crash a binary calling the same function recursively, and put it in a deeply nested directory to make its backtrace large enough to cause the deadlock. This must be done 16 times when MaxConnections=16 is set for the systemd/units/systemd-coredump.socket file.

Related

cbl_mariner 2
redhatcve 1
debiancve 1
nessus 10
cve 1
nvd 1
cvelist 1
ubuntucve 1
veracode 1
osv 4
redhat 2
oraclelinux 1
almalinux 1
openvas 2
gentoo 1
rocky 1
fedora 1
ubuntu 1
cloudfoundry 1
ics 1
cbl_mariner
cbl_mariner
CVE-2022-45873 affecting package systemd for versions less than 250.3-12
2023-01-03 20:57:29
CVE-2022-45873 affecting package systemd-bootstrap for versions less than 250.3-17
2024-03-19 17:21:46
redhatcve
redhatcve
CVE-2022-45873
2022-11-28 18:12:36
debiancve
debiancve
CVE-2022-45873
2022-11-23 23:15:10
nessus
nessus
CBL Mariner 2.0 Security Update: systemd (CVE-2022-45873)
2023-03-20 00:00:00
RHEL 9 : systemd (RHSA-2023:0954)
2023-02-28 00:00:00
GLSA-202405-04 : systemd: Multiple Vulnerabilities
2024-05-04 00:00:00
cve
cve
CVE-2022-45873
2022-11-23 23:15:10
nvd
nvd
CVE-2022-45873
2022-11-23 23:15:10
cvelist
cvelist
CVE-2022-45873
2022-11-23 00:00:00
ubuntucve
ubuntucve
CVE-2022-45873
2022-11-23 00:00:00
veracode
veracode
Denial Of Service (DoS)
2022-11-25 04:31:41
osv
osv
CVE-2022-45873
2022-11-23 23:15:10
Moderate: systemd security update
2023-04-06 15:53:31
Moderate: systemd security update
2023-02-28 00:00:00
redhat
redhat
(RHSA-2023:0954) Moderate: systemd security update
2023-02-28 07:53:01
(RHSA-2023:3742) Important: Red Hat OpenShift Data Foundation 4.13.0 security and bug fix update
2023-06-21 15:20:50
oraclelinux
oraclelinux
systemd security update
2023-03-01 00:00:00
almalinux
almalinux
Moderate: systemd security update
2023-02-28 00:00:00
openvas
openvas
Fedora: Security Advisory for systemd (FEDORA-2022-ef4f57b072)
2022-12-31 00:00:00
Ubuntu: Security Advisory (USN-5928-1)
2023-03-07 00:00:00
gentoo
gentoo
systemd: Multiple Vulnerabilities
2024-05-04 00:00:00
rocky
rocky
systemd security update
2023-04-06 15:53:31
fedora
fedora
[SECURITY] Fedora 36 Update: systemd-250.9-1.fc36
2022-12-31 01:16:54
ubuntu
ubuntu
systemd vulnerabilities
2023-03-07 00:00:00
cloudfoundry
cloudfoundry
USN-5928-1: systemd vulnerabilities | Cloud Foundry
2023-04-20 00:00:00
ics
ics
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
2023-12-14 12:00:00

5.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON
Related for PRION:CVE-2022-45873
cbl_mariner2redhatcve1debiancve1nessus10cve1nvd1cvelist1ubuntucve1veracode1osv4redhat2oraclelinux1almalinux1openvas2gentoo1rocky1fedora1ubuntu1cloudfoundry1ics1