Lucene search

GoogleOSV:CVE-2022-3409

HistoryOct 27, 2022 - 1:15 p.m.

CVE-2022-3409

2022-10-2713:15:11

Google

osv.dev

openbmc

bmcweb

denial of service

multipart_parser

memory corruption

afl++

address sanitizer

heap overflow

8.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

0.001 Low

EPSS

Percentile

38.5%

JSON

A vulnerability in bmcweb of OpenBMC Project allows user to cause denial of service. This vulnerability was identified during mitigation for CVE-2022-2809. When fuzzing the multipart_parser code using AFL++ with address sanitizer enabled to find smallest memory corruptions possible. It detected problem in how multipart_parser handles unclosed http headers. If long enough http header is passed in the multipart form without colon there is one byte overwrite on heap. It can be conducted multiple times in a loop to cause DoS.

CPENameOperatorVersion
openbmceq2.13.0-de
openbmceq2.10.0-de
openbmceq2.12.0-de
openbmceq2.11.0-de

Name	Operator	Version
openbmc	eq	2.13.0-de
openbmc	eq	2.10.0-de
openbmc	eq	2.12.0-de
openbmc	eq	2.11.0-de

References

github.com/openbmc/bmcweb

8.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

0.001 Low

EPSS

Percentile

38.5%

JSON

Related for OSV:CVE-2022-3409