5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
48.2%
file is vulnerable to Denial of Service (DoS) attacks. This vulnerability exists due to a flaw in the way the file_copystr()
function in the funcs.c
file copies a string from one buffer to another. An attacker can exploit this vulnerability to corrupt the stack, which could lead to a crash.
CPE | Name | Operator | Version |
---|---|---|---|
file:sid | eq | 1:5.39-3 | |
file:bullseye | eq | 1:5.38-5 | |
file:sid | eq | 1:5.39-3 | |
file:bullseye | eq | 1:5.38-5 |
seclists.org/fulldisclosure/2024/Mar/21
seclists.org/fulldisclosure/2024/Mar/24
seclists.org/fulldisclosure/2024/Mar/25
bugs.astron.com/view.php?id=310
security-tracker.debian.org/tracker/CVE-2022-48554
security.netapp.com/advisory/ntap-20231116-0002/
support.apple.com/kb/HT214081
support.apple.com/kb/HT214084
support.apple.com/kb/HT214086
support.apple.com/kb/HT214088
www.debian.org/security/2023/dsa-5489