CVE-2022-37454: Integer Overflow
First published: Fri Oct 21 2022(Updated: )
Fixed bug : buffer overflow in hash_update() on long parameter. (CVE-2022-37454)
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| debian/pysha3 | <=1.0.2-2<=1.0.2-4.1<=1.0.2-4.2 | 1.0.2-4.1+deb11u1 1.0.2-5 |
| Extended Keccak Code Package Project Extended Keccak Code Package | ||
| Debian Debian Linux | =10.0 | |
| Debian Debian Linux | =11.0 | |
| Fedoraproject Fedora | =35 | |
| Fedoraproject Fedora | =36 | |
| PHP PHP | >=7.2.0<7.4.33 | |
| PHP PHP | >=8.0.0<8.0.25 | |
| PHP PHP | >=8.1.0<8.1.12 | |
| Python Python | >=3.6.0<3.7.16 | |
| Python Python | >=3.8.0<3.8.16 | |
| Python Python | >=3.9.0<3.9.16 | |
| Python Python | >=3.10.0<3.10.9 | |
| Sha3 Project Sha3 | <1.0.5 | |
| Pysha3 Project Pysha3 | ||
| PHP PHP | >=7.0.0 | |
| PHP PHP | <8.0.25 | 8.0.25 |
| ubuntu/php7.2 | <7.2.24-0ubuntu0.18.04.15 | 7.2.24-0ubuntu0.18.04.15 |
| ubuntu/php7.4 | <7.4.3-4ubuntu2.15 | 7.4.3-4ubuntu2.15 |
| ubuntu/php8.1 | <8.1.2-1ubuntu2.8 | 8.1.2-1ubuntu2.8 |
| ubuntu/php8.1 | <8.1.7-1ubuntu3.1 | 8.1.7-1ubuntu3.1 |
| ubuntu/php8.1 | <8.1.12-1ubuntu2 | 8.1.12-1ubuntu2 |
| ubuntu/php8.1 | <8.1.12-1 | 8.1.12-1 |
| ubuntu/pypy3 | <7.3.1+dfsg-4ubuntu0.1 | 7.3.1+dfsg-4ubuntu0.1 |
| ubuntu/pypy3 | <7.3.9+dfsg-1ubuntu0.1 | 7.3.9+dfsg-1ubuntu0.1 |
| ubuntu/pypy3 | <7.3.9+dfsg-5 | 7.3.9+dfsg-5 |
| ubuntu/pysha3 | <1.0.2-4ubuntu0.1 | 1.0.2-4ubuntu0.1 |
| ubuntu/pysha3 | <1.0.2-4.2ubuntu0.22.04.1 | 1.0.2-4.2ubuntu0.22.04.1 |
| ubuntu/python3.10 | <3.10.6-1~22.04.2 | 3.10.6-1~22.04.2 |
| ubuntu/python3.10 | <3.10.7-1ubuntu0.2 | 3.10.7-1ubuntu0.2 |
| ubuntu/python3.10 | <3.10.9-1 | 3.10.9-1 |
| ubuntu/python3.6 | <3.6.9-1~18.04ubuntu1.10 | 3.6.9-1~18.04ubuntu1.10 |
| ubuntu/python3.7 | <3.7.5-2ubuntu1~18.04.2+ | 3.7.5-2ubuntu1~18.04.2+ |
| ubuntu/python3.8 | <3.8.0-3ubuntu1~18.04.2+ | 3.8.0-3ubuntu1~18.04.2+ |
| ubuntu/python3.8 | <3.8.10-0ubuntu1~20.04.6 | 3.8.10-0ubuntu1~20.04.6 |
| ubuntu/python3.9 | <3.9.5-3ubuntu0~20.04.1+ | 3.9.5-3ubuntu0~20.04.1+ |
| debian/php7.3 | <=7.3.31-1~deb10u1 | 7.3.31-1~deb10u5 |
| debian/php7.4 | 7.4.33-1+deb11u4 7.4.33-1+deb11u5 | |
| debian/pypy3 | 7.0.0+dfsg-3 7.3.5+dfsg-2+deb11u2 7.3.11+dfsg-2+deb12u1 7.3.15+dfsg-1 7.3.16+dfsg-2 | |
| debian/pysha3 | <=1.0.2-2 | 1.0.2-2+deb10u1 1.0.2-4.1+deb11u1 |
| debian/python2.7 | 2.7.16-2+deb10u1 2.7.16-2+deb10u4 2.7.18-8+deb11u1 | |
| debian/python3.7 | <=3.7.3-2+deb10u3 | 3.7.3-2+deb10u7 |
| debian/python3.9 | <=3.9.2-1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://github.com/tiran/pysha3/issues/29
- https://security-tracker.debian.org/tracker/CVE-2022-37454
- https://github.com/python/cpython/issues/98517
- https://mouha.be/sha-3-buffer-overflow/
- http://tumbleweed.org.za/
- https://bugs.debian.org/1023033
- http://snapshot.debian.org/
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1023030
- https://csrc.nist.gov/projects/hash-functions/sha-3-project
- https://eprint.iacr.org/2023/331
- https://github.com/XKCP/XKCP/security/advisories/GHSA-6w4m-2xhg-2658
- https://lists.debian.org/debian-lts-announce/2022/10/msg00041.html
- https://lists.debian.org/debian-lts-announce/2022/11/msg00000.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ALQ6BDDPX5HU5YBQOBMDVAA2TSGDKIJ/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CMIEXLMTW5GO36HTFFWIPB3OHZXCT3G4/
- https://news.ycombinator.com/item?id=33281106
- https://news.ycombinator.com/item?id=35050307
- https://security.gentoo.org/glsa/202305-02
- https://www.debian.org/security/2022/dsa-5267
- https://www.debian.org/security/2022/dsa-5269
- https://launchpad.net/bugs/cve/CVE-2022-37454
- https://www.php.net/ChangeLog-8.php#8.0.25 (Advisory)
- https://github.com/XKCP/XKCP/commit/fdc6fef075f4e81d6b1bc38364248975e08e340a
- https://bugs.php.net/bug.php?id=81738
- https://github.com/php/php-src/commit/91663a92d1697fc30a7ba4687d73e0f63ec2baa1
- https://github.com/php/php-src/commit/248f647724e385bfb8d83aa5b5a5ca3c4ee2c7fd
- https://github.com/python/cpython/commit/0e4e058602d93b88256ff90bbef501ba20be9dd3
- https://github.com/python/cpython/commit/857efee6d2d43c5c12fc7e377ce437144c728ab8
- https://github.com/python/cpython/commit/948c6794711458fd148a3fa62296cadeeb2ed631
- https://github.com/python/cpython/commit/8088c90044ba04cd5624b278340ebf934dbee4a5
- https://github.com/python/cpython/commit/6fe2a75b645044ca2b5dac03e8d850567b547a9a
- https://github.com/python/cpython/commit/d5b3f6b7f9fc74438009af63f1de01bd77be9385
- https://python-security.readthedocs.io/vuln/sha3-buffer-overflow.html
- https://foss.heptapod.net/pypy/pypy/-/commit/860b897b2611a4099ef9c63ce848fdec89c74b31
- https://github.com/python/cpython/commit/0e4e058602d93b88256ff90bbef501ba20be9dd3 (3.10-branch)
- https://github.com/python/cpython/commit/857efee6d2d43c5c12fc7e377ce437144c728ab8 (3.9-branch)
- https://github.com/python/cpython/commit/948c6794711458fd148a3fa62296cadeeb2ed631 (3.8-branch)
- https://github.com/python/cpython/commit/8088c90044ba04cd5624b278340ebf934dbee4a5 (3.7-branch)
- https://ubuntu.com/security/notices/USN-5717-1
- https://ubuntu.com/security/notices/USN-5767-1
- https://ubuntu.com/security/notices/USN-5888-1
- https://ubuntu.com/security/notices/USN-5767-3
- https://ubuntu.com/security/notices/USN-5930-1
- https://ubuntu.com/security/notices/USN-5931-1
- https://ubuntu.com/security/notices/USN-6524-1
- https://ubuntu.com/security/notices/USN-6525-1
- https://www.cve.org/CVERecord?id=CVE-2022-37454
- https://nvd.nist.gov/vuln/detail/CVE-2022-37454
- https://ubuntu.com/security/CVE-2022-37454
Parent vulnerabilities
(Appears in the following advisories)
Frequently Asked Questions
What is CVE-2022-37454?
CVE-2022-37454 is a fixed bug in the Keccak XKCP SHA-3 reference implementation that allows attackers to execute arbitrary code or eliminate expected cryptographic properties.
How does CVE-2022-37454 impact PHP?
CVE-2022-37454 affects PHP versions up to 7.4.33 and can be exploited to execute arbitrary code.
How can I fix CVE-2022-37454 in PHP?
To fix CVE-2022-37454 in PHP, update to version 7.4.33 or later.
What is the affected software for CVE-2022-37454?
The affected software includes PHP versions up to 7.4.33, PHP 7.3.31-1~deb10u4, PHP 7.4.33-1+deb11u3 and 7.4.33-1+deb11u4, PyPy3 versions 7.0.0+dfsg-3, 7.3.5+dfsg-2+deb11u2, 7.3.11+dfsg-2, and 7.3.12+dfsg-1, pysha3 versions 1.0.2-2+deb10u1 and 1.0.2-4.1+deb11u1, Python 2.7.16-2+deb10u1, 2.7.16-2+deb10u2, and 2.7.18-8, Python 3.10.12-1, Python 3.7.3-2+deb10u5, and Python 3.9 versions up to 3.9.2-1.
Where can I find more information about CVE-2022-37454?
More information about CVE-2022-37454 can be found in the PHP changelog at https://www.php.net/ChangeLog-7.php#7.4.33 and the XKCP/XKCP GitHub repository at https://github.com/XKCP/XKCP/security/advisories/GHSA-6w4m-2xhg-2658. The specific fix is available in the commit fdc6fef075f4e81d6b1bc38364248975e08e340a.
- collector/debian-bugs
- alias/CVE-2022-37454
- collector/nvd-index
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- agent/author
- agent/severity
- agent/references
- agent/remedy
- collector/php-changelog
- source/PHP
- agent/software-canonical-lookup
- collector/nvd-cve
- source/NVD
- agent/event
- agent/description
- agent/weakness
- collector/security-tracker-debian
- source/Debian
- agent/tags
- agent/softwarecombine
- collector/usn-cve
- source/Ubuntu
- package-manager/debian
- vendor/extended keccak code package project
- canonical/extended keccak code package project extended keccak code package
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/10.0
- version/debian debian linux/11.0
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/35
- version/fedoraproject fedora/36
- vendor/php
- canonical/php php
- version/php php/7.2.0
- version/php php/8.0.0
- version/php php/8.1.0
- vendor/python
- canonical/python python
- version/python python/3.6.0
- version/python python/3.8.0
- version/python python/3.9.0
- version/python python/3.10.0
- vendor/sha3 project
- canonical/sha3 project sha3
- vendor/pysha3 project
- canonical/pysha3 project pysha3
- vendor/pypy
- version/php php/7.0.0
- package-manager/ubuntu