Unrated severityNVD Advisory· Published Sep 9, 2022· Updated Aug 3, 2024
CVE-2022-40320
CVE-2022-40320
Description
cfg_tilde_expand in confuse.c in libConfuse 3.3 has a heap-based buffer over-read.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
14- libConfuse/libConfusedescription
- Range: =3.3
- osv-coords12 versionspkg:rpm/opensuse/libconfuse0&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/libconfuse0&distro=openSUSE%20Leap%2015.4pkg:rpm/suse/libconfuse0&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOSpkg:rpm/suse/libconfuse0&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/libconfuse0&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-ESPOSpkg:rpm/suse/libconfuse0&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/libconfuse0&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOSpkg:rpm/suse/libconfuse0&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSSpkg:rpm/suse/libconfuse0&distro=SUSE%20Linux%20Enterprise%20Module%20for%20HPC%2012pkg:rpm/suse/libconfuse0&distro=SUSE%20Linux%20Enterprise%20Module%20for%20HPC%2015%20SP3pkg:rpm/suse/libconfuse0&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP3pkg:rpm/suse/libconfuse0&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP4
< 2.8-150000.3.3.1+ 11 more
- (no CPE)range: < 2.8-150000.3.3.1
- (no CPE)range: < 2.8-150000.3.3.1
- (no CPE)range: < 2.8-150000.3.3.1
- (no CPE)range: < 2.8-150000.3.3.1
- (no CPE)range: < 2.8-150000.3.3.1
- (no CPE)range: < 2.8-150000.3.3.1
- (no CPE)range: < 2.8-150000.3.3.1
- (no CPE)range: < 2.8-150000.3.3.1
- (no CPE)range: < 2.8-3.6.1
- (no CPE)range: < 2.8-150000.3.3.1
- (no CPE)range: < 2.8-150000.3.3.1
- (no CPE)range: < 2.8-150000.3.3.1
Patches
Vulnerability mechanics
References
4- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BSAZK4KAWRWNAFUBBXOYU3PVNH3X7226/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EDUT2V62V2XF2IT5TJFPB6P3EQ6X5VLL/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FJKHAPJ6AUWVP4HDGKH4M5A2XXWQI73O/mitrevendor-advisoryx_refsource_FEDORA
- github.com/libconfuse/libconfuse/issues/163mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.