Wind River Support Network

HomeDefectsLIN1018-8983
Fixed

LIN1018-8983 : Security Advisory - apache2 - CVE-2022-22721

Created: Mar 14, 2022    Updated: Apr 5, 2022
Resolved Date: Apr 5, 2022
Found In Version: 10.18.44.1
Severity: Standard
Applicable for: Wind River Linux LTS 18
Component/s: Userspace

Description

If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier.

CREATE(Triage):(User=admin) CVE-2022-22721 (https://nvd.nist.gov/vuln/detail/CVE-2022-22721)

CVEs


Live chat
Online