CVE-2022-25315 CRITICAL

Published: 2022-02-18 | Last Modified: 2025-05-05 | Status: Modified

Description

In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames.

Additional Descriptions (1)

En Expat (también se conoce como libexpat) versiones anteriores a 2.4.5, se presenta un desbordamiento de enteros en storeRawNames

CVSS Metrics

Base Score: 9.8 (CRITICAL)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector	NETWORK
Attack Complexity	LOW
Privileges Required	NONE
User Interaction	NONE
Scope	UNCHANGED
Confidentiality Impact	HIGH
Integrity Impact	HIGH
Availability Impact	HIGH

Source: [email protected]

Type: Primary

Exploitability Score: 3.9

Impact Score: 5.9

Base Score: 7.5 (HIGH)

AV:N/AC:L/Au:N/C:P/I:P/A:P

Access Vector	NETWORK
Access Complexity	LOW
Authentication	NONE
Confidentiality Impact	PARTIAL
Integrity Impact	PARTIAL
Availability Impact	PARTIAL

Source: [email protected]

Type: Primary

Exploitability Score: 10.0

Impact Score: 6.4

Weaknesses

Source	Type	Description
[email protected]	Primary	en CWE-190
134c704f-9b21-4f2e-91b3-4a467353bcc0	Secondary	en CWE-190

Affected Products

Vendor	Product	Version	Update	Type
libexpat_project	libexpat	*	<built-in method update of dict object at 0x72a9b0c99340>	Application
debian	debian_linux	10.0	<built-in method update of dict object at 0x72a9b0c9aa00>	Operating System
debian	debian_linux	11.0	<built-in method update of dict object at 0x72a9cd0c2fc0>	Operating System
fedoraproject	fedora	34	<built-in method update of dict object at 0x72a9cd07a840>	Operating System
fedoraproject	fedora	35	<built-in method update of dict object at 0x72a9b0c9a540>	Operating System
oracle	http_server	12.2.1.3.0	<built-in method update of dict object at 0x72a9b0c99840>	Application
oracle	http_server	12.2.1.4.0	<built-in method update of dict object at 0x72a9b0c980c0>	Application
oracle	zfs_storage_appliance_kit	8.8	<built-in method update of dict object at 0x72a9b0734540>	Application
siemens	sinema_remote_connect_server	*	<built-in method update of dict object at 0x72a9cd0c3b00>	Application

Affected Configurations

Operator: OR

Vulnerable	CPE
Yes	`cpe:2.3:a:libexpat_project:libexpat::::::::`

Operator: OR

Vulnerable	CPE
Yes	`cpe:2.3:o:debian:debian_linux:10.0:::::::*`
Yes	`cpe:2.3:o:debian:debian_linux:11.0:::::::*`

Operator: OR

Vulnerable	CPE
Yes	`cpe:2.3:o:fedoraproject:fedora:34:::::::*`
Yes	`cpe:2.3:o:fedoraproject:fedora:35:::::::*`

Operator: OR

Vulnerable	CPE
Yes	`cpe:2.3:a:oracle:http_server:12.2.1.3.0:::::::*`
Yes	`cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*`
Yes	`cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:::::::*`

Operator: OR

Vulnerable	CPE
Yes	`cpe:2.3:a:siemens:sinema_remote_connect_server::::::::`

References

http://www.openwall.com/lists/oss-security/2022/02/19/1
Source: [email protected]

Mailing List Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
Source: [email protected]

Third Party Advisory
https://github.com/libexpat/libexpat/pull/559
Source: [email protected]

Exploit Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
Source: [email protected]

Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
Source: [email protected]
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
Source: [email protected]
https://security.gentoo.org/glsa/202209-24
Source: [email protected]

Third Party Advisory
https://security.netapp.com/advisory/ntap-20220303-0008/
Source: [email protected]

Third Party Advisory
https://www.debian.org/security/2022/dsa-5085
Source: [email protected]

Third Party Advisory
https://www.oracle.com/security-alerts/cpuapr2022.html
Source: [email protected]

Patch Third Party Advisory
http://www.openwall.com/lists/oss-security/2022/02/19/1
Source: af854a3a-2127-422b-91ae-364da2661108

Mailing List Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory
https://github.com/libexpat/libexpat/pull/559
Source: af854a3a-2127-422b-91ae-364da2661108

Exploit Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
Source: af854a3a-2127-422b-91ae-364da2661108
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
Source: af854a3a-2127-422b-91ae-364da2661108
https://security.gentoo.org/glsa/202209-24
Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory
https://security.netapp.com/advisory/ntap-20220303-0008/
Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory
https://www.debian.org/security/2022/dsa-5085
Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory
https://www.oracle.com/security-alerts/cpuapr2022.html
Source: af854a3a-2127-422b-91ae-364da2661108

Patch Third Party Advisory