CVE-2022-45873
Severity CVSS v4.0:
Pending analysis
Type:
CWE-400
Uncontrolled Resource Consumption ('Resource Exhaustion')
Publication date:
23/11/2022
Last modified:
25/04/2025
Description
systemd 250 and 251 allows local users to achieve a systemd-coredump deadlock by triggering a crash that has a long backtrace. This occurs in parse_elf_object in shared/elf-util.c. The exploitation methodology is to crash a binary calling the same function recursively, and put it in a deeply nested directory to make its backtrace large enough to cause the deadlock. This must be done 16 times when MaxConnections=16 is set for the systemd/units/systemd-coredump.socket file.
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:systemd_project:systemd:*:*:*:*:*:*:*:* | 250 (including) | 251 (including) |
| cpe:2.3:a:systemd_project:systemd:252:rc1:*:*:*:*:*:* | ||
| cpe:2.3:a:systemd_project:systemd:252:rc2:*:*:*:*:*:* | ||
| cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://github.com/systemd/systemd/commit/076b807be472630692c5348c60d0c2b7b28ad437
- https://github.com/systemd/systemd/pull/24853#issuecomment-1326561497
- https://github.com/systemd/systemd/pull/25055#issuecomment-1313733553
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MS5N5SLYAHKENLAJWYBDKU55ICU3SVZF/
- https://github.com/systemd/systemd/commit/076b807be472630692c5348c60d0c2b7b28ad437
- https://github.com/systemd/systemd/pull/24853#issuecomment-1326561497
- https://github.com/systemd/systemd/pull/25055#issuecomment-1313733553
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MS5N5SLYAHKENLAJWYBDKU55ICU3SVZF/