CVE-2022-23218: Buffer Overflow
First published: Fri Jan 14 2022(Updated: )
Last updated 24 July 2024
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| GNU glibc | <=2.34 | |
| Oracle Communications Cloud Native Core Unified Data Repository | =22.2.0 | |
| Oracle Enterprise Operations Monitor | =4.3 | |
| Oracle Enterprise Operations Monitor | =4.4 | |
| Oracle Enterprise Operations Monitor | =5.0 | |
| Debian Debian Linux | =10.0 | |
| debian/glibc | 2.31-13+deb11u11 2.31-13+deb11u10 2.36-9+deb12u9 2.36-9+deb12u7 2.40-4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://lists.debian.org/debian-lts-announce/2022/10/msg00021.html
- https://security.gentoo.org/glsa/202208-24
- https://sourceware.org/bugzilla/show_bug.cgi?id=28768
- https://www.oracle.com/security-alerts/cpujul2022.html
- https://launchpad.net/bugs/cve/CVE-2022-23218
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2042014
- https://access.redhat.com/errata/RHSA-2022:0896
- https://access.redhat.com/security/cve/cve-2022-23218
- https://bugzilla.redhat.com/show_bug.cgi?id=2042013
- https://security-tracker.debian.org/tracker/CVE-2022-23218
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218
- https://nvd.nist.gov/vuln/detail/CVE-2022-23218
- https://ubuntu.com/security/CVE-2022-23218
Frequently Asked Questions
What is CVE-2022-23218?
CVE-2022-23218 is a vulnerability in the GNU C Library (glibc) that allows for a buffer overflow, potentially leading to a denial of service or arbitrary code execution.
How severe is CVE-2022-23218?
CVE-2022-23218 has a severity rating of 9.8, which is considered critical.
Which software is affected by CVE-2022-23218?
GNU glibc up to version 2.34, Oracle Communications Cloud Native Core Unified Data Repository version 22.2.0, Oracle Enterprise Operations Monitor versions 4.3, 4.4, and 5.0, and Debian Debian Linux version 10.0 are affected by CVE-2022-23218.
How can I fix CVE-2022-23218?
To fix CVE-2022-23218, it is recommended to update to the latest version of the affected software.
Where can I find more information about CVE-2022-23218?
More information about CVE-2022-23218 can be found at the following references: [link1], [link2], [link3].
- agent/type
- agent/severity
- agent/weakness
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/remedy
- agent/first-publish-date
- agent/author
- collector/launchpad-cve
- source/Launchpad
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2022-23218
- collector/mitre-cve
- source/MITRE
- collector/usn-cve
- source/Ubuntu
- agent/references
- agent/tags
- agent/description
- agent/event
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- collector/security-tracker-debian
- source/Debian
- agent/softwarecombine
- agent/trending
- vendor/gnu
- canonical/gnu glibc
- version/gnu glibc/2.34
- vendor/oracle
- canonical/oracle communications cloud native core unified data repository
- version/oracle communications cloud native core unified data repository/22.2.0
- canonical/oracle enterprise operations monitor
- version/oracle enterprise operations monitor/4.3
- version/oracle enterprise operations monitor/4.4
- version/oracle enterprise operations monitor/5.0
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/10.0
- package-manager/debian