CVE-2022-3821

Updated: 2023-11-07 19:51:44.316106

Description:

An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0
CVSS Version 3.x MEDIUM 5.5

Status

OS name Project name Version Score Severity Status Errata Last updated
AlmaLinux 9.2 ESU systemd 252 5.5 MEDIUM Ignored 2023-11-08 04:07:49
CentOS 7 ELS systemd 219 5.5 MEDIUM Ignored 2023-09-19 09:30:11
CentOS 8.4 ELS systemd 239 5.5 MEDIUM Released CLSA-2023:1674163819 2023-01-19 19:56:07
CentOS 8.5 ELS systemd 239 5.5 MEDIUM Released CLSA-2023:1674164032 2023-01-19 19:56:07
Ubuntu 16.04 ELS systemd 229-4 5.5 MEDIUM Released CLSA-2023:1679349729 2023-03-20 21:15:33
Ubuntu 18.04 ELS systemd 237-3 5.5 MEDIUM Already Fixed 2023-06-02 09:10:36