Wind River Support Network

HomeDefectsLIN1019-8020
Fixed

LIN1019-8020 : Security Advisory - apache2 - CVE-2022-22721

Created: Mar 14, 2022    Updated: Apr 12, 2022
Resolved Date: Apr 12, 2022
Found In Version: 10.19.45.1
Severity: Standard
Applicable for: Wind River Linux LTS 19
Component/s: Userspace

Description

If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier.

CREATE(Triage):(User=admin) CVE-2022-22721 (https://nvd.nist.gov/vuln/detail/CVE-2022-22721)

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube