4 matches found
CVE-2022-3409
A vulnerability in bmcweb of OpenBMC Project allows user to cause denial of service. This vulnerability was identified during mitigation for CVE-2022-2809. When fuzzing the multipartparser code using AFL++ with address sanitizer enabled to find smallest memory corruptions possible. It detected...
CVE-2022-3409 Unauthenticated out of bounds stack write in bmcweb
A vulnerability in bmcweb of OpenBMC Project allows user to cause denial of service. This vulnerability was identified during mitigation for CVE-2022-2809. When fuzzing the multipartparser code using AFL++ with address sanitizer enabled to find smallest memory corruptions possible. It detected...
CVE-2022-3409
CVE-2022-3409 concerns the bmcweb component of the OpenBMC project. The issue arises in the multipart_parser when handling unclosed HTTP headers: passing a long multipart form header without a colon can overwrite one byte on the heap, enabling repeated exploitation to cause a denial of service. T...
CVE-2022-3409 Unauthenticated out of bounds stack write in bmcweb
A vulnerability in bmcweb of OpenBMC Project allows user to cause denial of service. This vulnerability was identified during mitigation for CVE-2022-2809. When fuzzing the multipartparser code using AFL++ with address sanitizer enabled to find smallest memory corruptions possible. It detected...