Lucene search

[email protected]CVE-2020-22429

HistoryMay 03, 2023 - 8:15 p.m.

CVE-2020-22429

2023-05-0320:15:09

CWE-416

[email protected]

web.nvd.nist.gov

cve-2020-22429

redox-os

use-after-free bug

gethostbyaddr

nvd

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

9.1%

JSON

redox-os v0.1.0 was discovered to contain a use-after-free bug via the gethostbyaddr() function at /src/header/netdb/mod.rs.

Affected configurations

NVD

Node

redox-osredoxMatch0.1.0

CPENameOperatorVersion
redox-os:redoxredox-os redoxeq0.1.0

CPE	Name	Operator	Version
redox-os:redox	redox-os redox	eq	0.1.0

References

burtonqin.github.io/posts/2023/04/CVE-2020-22429/

gitlab.redox-os.org/redox-os/relibc/issues/159

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

9.1%

JSON

Related for CVE-2020-22429

cvelist1 nvd1 prion1