Bug 2061854 (CVE-2022-24512)
Summary: | CVE-2022-24512 dotnet: double parser stack buffer overrun | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Stefan Cornelius <scorneli> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | high | Docs Contact: | |
Priority: | high | ||
Version: | unspecified | CC: | andrew.slice, bodavis, dbhole, kanderso, lvaleeva, omajid, rwagner, security-response-team |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: |
A flaw was found in dotnet, where a buffer overrun exists in the double parse routine, which could lead to remote code execution. This flaw allows an attacker to execute code remotely on the system, leading to some system compromise.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2022-03-10 22:31:21 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 2061869, 2061870, 2061871, 2061872, 2061873, 2061874, 2061875, 2061876, 2061877, 2061878, 2061879, 2061880 | ||
Bug Blocks: | 2061840 |
Description
Stefan Cornelius
2022-03-08 16:23:50 UTC
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:0830 https://access.redhat.com/errata/RHSA-2022:0830 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:0826 https://access.redhat.com/errata/RHSA-2022:0826 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:0827 https://access.redhat.com/errata/RHSA-2022:0827 This issue has been addressed in the following products: .NET Core on Red Hat Enterprise Linux Via RHSA-2022:0829 https://access.redhat.com/errata/RHSA-2022:0829 This issue has been addressed in the following products: .NET Core on Red Hat Enterprise Linux Via RHSA-2022:0828 https://access.redhat.com/errata/RHSA-2022:0828 This issue has been addressed in the following products: .NET Core on Red Hat Enterprise Linux Via RHSA-2022:0832 https://access.redhat.com/errata/RHSA-2022:0832 This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-24512 |