Wind River Support Network

HomeDefectsLIN10-9828
Fixed

LIN10-9828 : Security Advisory - apache2 - CVE-2022-22721

Created: Mar 14, 2022    Updated: Apr 10, 2022
Resolved Date: Apr 10, 2022
Found In Version: 10.17.41.1
Severity: Standard
Applicable for: Wind River Linux LTS 17
Component/s: Userspace

Description

If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier.

CREATE(Triage):(User=admin) CVE-2022-22721 (https://nvd.nist.gov/vuln/detail/CVE-2022-22721)

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube