Summary: | Buffer overflow in svcunix_create with long pathnames (CVE-2022-23218) | ||
---|---|---|---|
Product: | glibc | Reporter: | Florian Weimer <fweimer> |
Component: | network | Assignee: | Florian Weimer <fweimer> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | aurelien, fweimer, pgowda.cve, sam, siddhesh |
Priority: | P2 | Flags: | fweimer:
security+
|
Version: | 2.34 | ||
Target Milestone: | 2.35 | ||
See Also: | https://sourceware.org/bugzilla/show_bug.cgi?id=22542 | ||
Host: | Target: | ||
Build: | Last reconfirmed: |
Description
Florian Weimer
2022-01-12 09:40:03 UTC
Fixed for glibc 2.35 via: commit f545ad4928fa1f27a3075265182b38a4f939a5f7 Author: Florian Weimer <fweimer@redhat.com> Date: Mon Jan 17 10:21:34 2022 +0100 CVE-2022-23218: Buffer overflow in sunrpc svcunix_create (bug 28768) The sunrpc function svcunix_create suffers from a stack-based buffer overflow with overlong pathname arguments. Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org> |