Wind River Support Network

HomeDefectsLIN1021-3066
Fixed

LIN1021-3066 : Security Advisory - apache2 - CVE-2022-22721

Created: Mar 14, 2022    Updated: May 6, 2022
Resolved Date: May 6, 2022
Found In Version: 10.21.20.1
Fix Version: 10.21.20.12
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Userspace

Description

If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier.

CREATE(Triage):(User=admin) CVE-2022-22721 (https://nvd.nist.gov/vuln/detail/CVE-2022-22721)

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube