CVE-2022-4904 - OpenCVE

A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
C-ares Project	C-ares
Redhat	Enterprise Linux Software Collections
Fedoraproject	Fedora

Configuration 1 [-]

cpe:2.3:a:c-ares_project:c-ares:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:a:redhat:software_collections:-:::::::*
	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:9.0:::::::*

Configuration 3 [-]

cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*

References

Link	Resource
https://bugzilla.redhat.com/show_bug.cgi?id=2168631	Issue Tracking Third Party Advisory
https://github.com/c-ares/c-ares/issues/496	Exploit Issue Tracking
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33LDNS6RPOPP36Z4MPWXALUQZXJCWJS2/
https://security.gentoo.org/glsa/202401-02

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2023-03-06T00:00:00

Updated: 2024-01-05T10:06:27.302526

Reserved: 2023-02-09T00:00:00

Link: CVE-2022-4904

JSON object: View

NVD Information

Status : Modified

Published: 2023-03-06T23:15:11.390

Modified: 2024-01-05T10:15:10.403

Link: CVE-2022-4904

JSON object: View

Redhat Information

No data.

CWE

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:c-ares_project:c-ares:*:*:*:*:*:*:*:*", "matchCriteriaId": "A324E7D7-4A6F-41B9-9615-AEBAC4EB1332", "versionEndExcluding": "1.19.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:software_collections:-:*:*:*:*:*:*:*", "matchCriteriaId": "749804DA-4B27-492A-9ABA-6BB562A6B3AC", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", "matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity."}], "id": "CVE-2022-4904", "lastModified": "2024-01-05T10:15:10.403", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-03-06T23:15:11.390", "references": [{"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168631"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Issue Tracking"], "url": "https://github.com/c-ares/c-ares/issues/496"}, {"source": "secalert@redhat.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33LDNS6RPOPP36Z4MPWXALUQZXJCWJS2/"}, {"source": "secalert@redhat.com", "url": "https://security.gentoo.org/glsa/202401-02"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1284"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-20"}], "source": "secalert@redhat.com", "type": "Secondary"}]}