Lucene search

UbuntuUSN-5531-1

HistoryJul 26, 2022 - 12:00 a.m.

protobuf-c vulnerability

2022-07-2600:00:00

ubuntu.com

ubuntu 22.04 lts

ubuntu 20.04 lts

protobuf-c

protocol buffers

denial of service

system crash

cve-2022-33070

vulnerability

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

AI Score

5.6

Confidence

High

EPSS

0.001

Percentile

42.3%

JSON

Releases

Ubuntu 22.04 LTS
Ubuntu 20.04 LTS

Packages

protobuf-c - Protocol Buffers C static library and headers (protobuf-c)

Details

Pietro Borrello discovered that protobuf-c contained an invalid
arithmetic shift. This vulnerability allowed attackers to cause a
denial of service (system crash) via unspecified vectors
(CVE-2022-33070).

It was discovered that protobuf-c contained an unsigned integer
overflow. This vulnerability allowed attackers to cause a denial of
service (system crash) via unspecified vectors.

Todd Miller discovered that protobuf-c contained a possible NULL
dereference. This could cause a vulnerability that allowed attackers to
cause a denial of service (system crash) via unspecified vectors.

OSVersionArchitecturePackageVersionFilename
Ubuntu22.04noarchprotobuf-c-compiler< 1.3.3-1ubuntu2.1UNKNOWN
Ubuntu22.04noarchlibprotobuf-c-dev< 1.3.3-1ubuntu2.1UNKNOWN
Ubuntu22.04noarchlibprotobuf-c1< 1.3.3-1ubuntu2.1UNKNOWN
Ubuntu22.04noarchlibprotobuf-c1-dbgsym< 1.3.3-1ubuntu2.1UNKNOWN
Ubuntu22.04noarchprotobuf-c-compiler-dbgsym< 1.3.3-1ubuntu2.1UNKNOWN
Ubuntu20.04noarchprotobuf-c-compiler< 1.3.3-1ubuntu0.1UNKNOWN
Ubuntu20.04noarchlibprotobuf-c-dev< 1.3.3-1ubuntu0.1UNKNOWN
Ubuntu20.04noarchlibprotobuf-c1< 1.3.3-1ubuntu0.1UNKNOWN
Ubuntu20.04noarchlibprotobuf-c1-dbgsym< 1.3.3-1ubuntu0.1UNKNOWN
Ubuntu20.04noarchprotobuf-c-compiler-dbgsym< 1.3.3-1ubuntu0.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Ubuntu	22.04	noarch	protobuf-c-compiler	< 1.3.3-1ubuntu2.1	UNKNOWN
Ubuntu	22.04	noarch	libprotobuf-c-dev	< 1.3.3-1ubuntu2.1	UNKNOWN
Ubuntu	22.04	noarch	libprotobuf-c1	< 1.3.3-1ubuntu2.1	UNKNOWN
Ubuntu	22.04	noarch	libprotobuf-c1-dbgsym	< 1.3.3-1ubuntu2.1	UNKNOWN
Ubuntu	22.04	noarch	protobuf-c-compiler-dbgsym	< 1.3.3-1ubuntu2.1	UNKNOWN
Ubuntu	20.04	noarch	protobuf-c-compiler	< 1.3.3-1ubuntu0.1	UNKNOWN
Ubuntu	20.04	noarch	libprotobuf-c-dev	< 1.3.3-1ubuntu0.1	UNKNOWN
Ubuntu	20.04	noarch	libprotobuf-c1	< 1.3.3-1ubuntu0.1	UNKNOWN
Ubuntu	20.04	noarch	libprotobuf-c1-dbgsym	< 1.3.3-1ubuntu0.1	UNKNOWN
Ubuntu	20.04	noarch	protobuf-c-compiler-dbgsym	< 1.3.3-1ubuntu0.1	UNKNOWN