Ubuntu.comUB:CVE-2022-1924CVE-2022-1924
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
29.6%
DOS / potential heap overwrite in mkv demuxing using lzo decompression.
Integer overflow in matroskademux element in lzo decompression function
which causes a segfault, or could cause a heap overwrite, depending on libc
and OS. Depending on the libc used, and the underlying OS capabilities, it
could be just a segfault or a heap overwrite. If the libc uses mmap for
large chunks, and the OS supports mmap, then it is just a segfault (because
the realloc before the integer overflow will use mremap to reduce the size
of the chunk, and it will start to write to unmapped memory). However, if
using a libc implementation that does not use mmap, or if the OS does not
support mmap while using libc, then this could result in a heap overwrite.
Notes
| Author | Note |
|---|---|
| leosilva | same fix as CVE-2022-1922 |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 18.04 | noarch | gst-plugins-good1.0 | < 1.14.5-0ubuntu1~18.04.3 | UNKNOWN |
| ubuntu | 20.04 | noarch | gst-plugins-good1.0 | < 1.16.3-0ubuntu1.1 | UNKNOWN |
| ubuntu | 22.04 | noarch | gst-plugins-good1.0 | < 1.20.3-0ubuntu1 | UNKNOWN |
| ubuntu | 16.04 | noarch | gst-plugins-good1.0 | < 1.8.3-1ubuntu0.5+esm1 | UNKNOWN |
Related
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
29.6%