#VU66757 Use-after-free in systemd - CVE-2022-2526


Vulnerability identifier: #VU66757

Vulnerability risk: Medium

CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-2526

CWE-ID: CWE-416

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
systemd
Server applications / Other server solutions

Vendor: Freedesktop.org

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the on_stream_io() and dns_stream_complete() functions in resolved-dns-stream.c, which do not increment the reference counting for the DnsStream object. A remote attacker can send to the system specially crafted DNS responses, trigger a use-after-free error and perform a denial of service (DoS) attack.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

systemd: 200 - 239

External links
https://github.com/systemd/systemd/commit/d973d94dec349fb676fdd844f6fe2ada3538f27c
https://bugzilla.redhat.com/show_bug.cgi?id=2109926

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in Netcool Operations Insight
Multiple vulnerabilities in Dell XtremIO X2
Multiple vulnerabilities in IBM Cloud Pak for Watson AIOps
Multiple vulnerabilities in IBM Cloud Pak for Security (CP4S)
Multiple vulnerabilities in IBM Security Guardium
Multiple vulnerabilities in IBM Security Verify Bridge
Multiple vulnerabilities in IBM QRadar SIEM
Multiple vulnerabilities in Oracle Communications Cloud Native Core Automated Test Suite
Multiple vulnerabilities in IBM Security Verify Access
IBM Cloud Pak for Data update for systemd