CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
Low
software: systemd 249
WASP: ROSA-CHROME
package_evr_string: systemd-249-1.gitfab79a.21
CVE-ID: CVE-2022-3821
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: An off-by-one error problem was discovered in Systemd in the format_timespan() function time-util.c. An attacker could provide specific values for time and precision, which would cause a buffer overflow in format_timespan(), resulting in a denial of service.
CVE-STATUS: Resolved
CVE-REV: To close, run the command: sudo dnf update systemd
CVE-ID: CVE-2021-33910
BDU-ID: 2021-04153
CVE-Crit: MEDIUM.
CVE-DESC.: A vulnerability in the alloca() and strdup() functions of the Systemd service initialization and management subsystem is associated with an uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker to cause a denial of service
CVE-STATUS: Resolved
CVE-REV: To close, run the command: sudo dnf update systemd
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
Low