Wind River Support Network

HomeDefectsLIN1019-9301
Fixed

LIN1019-9301 : Security Advisory - libxpm - CVE-2022-4883

Created: Jan 17, 2023    Updated: Jun 26, 2023
Resolved Date: Jun 24, 2023
Found In Version: 10.19.45.1
Fix Version: 10.19.45.29
Severity: Standard
Applicable for: Wind River Linux LTS 19
Component/s: Userspace

Description

A flaw was found in libXpm. When processing files with .Z or .gz extensions, the library calls external programs to compress and uncompress files, relying on the PATH environment variable to find these programs, which could allow a malicious user to execute other programs by manipulating the PATH environment variable.

https://nvd.nist.gov/vuln/detail/CVE-2022-4883

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube