Wind River Support Network

HomeDefectsLIN1022-3103
Fixed

LIN1022-3103 : Security Advisory - libxpm - CVE-2022-4883

Created: Jan 17, 2023    Updated: May 30, 2023
Resolved Date: May 30, 2023
Found In Version: 10.22.33.1
Severity: Standard
Applicable for: Wind River Linux LTS 22
Component/s: Userspace

Description

A flaw was found in libXpm. When processing files with .Z or .gz extensions, the library calls external programs to compress and uncompress files, relying on the PATH environment variable to find these programs, which could allow a malicious user to execute other programs by manipulating the PATH environment variable.

https://nvd.nist.gov/vuln/detail/CVE-2022-4883
  • Linkedin
  • Facebook
  • Twitter
  • Youtube