Lucene search

Veracode Vulnerability DatabaseVERACODE:40389

HistoryMay 03, 2023 - 10:07 a.m.

Denial Of Service (DOS)

2023-05-0310:07:49

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

denial of service

vulnerability

extfs

file system

kernel

escalate privileges

software

EPSS

0.001

Percentile

26.0%

JSON

github.com/apptainer/apptainer is vulnerable to Denial Of Service. The vulnerability exists due to a after free bug when mounting extfs file systems, which allows an attacker to crash the kernel or escalate privileges.

References

access.redhat.com/security/cve/cve-2022-1184

github.com/advisories/GHSA-j4rf-7357-f4cg

github.com/apptainer/apptainer/commit/5a4964f5ba9c8d89a0e353b97f51fd607670a9f7

github.com/apptainer/apptainer/releases/tag/v1.1.8

github.com/apptainer/apptainer/security/advisories/GHSA-j4rf-7357-f4cg

github.com/torvalds/linux/commit/2220eaf90992c11d888fe771055d4de3303

github.com/torvalds/linux/commit/4f04351888a83e595571de672e0a4a8b74f

lwn.net/Articles/932136/

lwn.net/Articles/932137/

security-tracker.debian.org/tracker/CVE-2022-1184

security.gentoo.org/glsa/202311-13

sylabs.io/2023/04/response-to-cve-2023-30549/

ubuntu.com/security/CVE-2022-1184

www.suse.com/security/cve/CVE-2022-1184.html

EPSS

0.001

Percentile

26.0%

JSON

Related for VERACODE:40389