Lucene search

[email protected]NVD:CVE-2022-38934

HistorySep 28, 2022 - 5:15 p.m.

CVE-2022-38934

2022-09-2817:15:10

CWE-125

[email protected]

web.nvd.nist.gov

readelf

address read

vulnerabilities

toaruos 2.0.1

parsing crafted elf file

CVSS3

3.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

EPSS

0.001

Percentile

20.6%

JSON

readelf in ToaruOS 2.0.1 has some arbitrary address read vulnerabilities when parsing a crafted ELF file.

Affected configurations

Nvd

Node

toaruostoaruosMatch2.0.1

VendorProductVersionCPE
toaruostoaruos2.0.1cpe:2.3:o:toaruos:toaruos:2.0.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
toaruos	toaruos	2.0.1	cpe:2.3:o:toaruos:toaruos:2.0.1:::::::*

References

github.com/klange/toaruos/issues/244

CVSS3

3.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

EPSS

0.001

Percentile

20.6%

JSON

Related for NVD:CVE-2022-38934

prion1 cve1 cvelist1