CRITICAL · 9.8

CVE-2022-36227

In libarchive before 3.6.2, the software does not check for an error after calling the calloc function, which can return a NULL pointer if the allocation fails; this leads to a resultant NULL pointer dereference.

Vulnerability Description

In libarchive before 3.6.2, the software does not check for an error after calling the calloc function, which can return a NULL pointer if the allocation fails; this leads to a resultant NULL pointer dereference. NOTE: the discoverer cites this CWE-476 remark, but third parties dispute the code-execution impact: "In rare circumstances, when NULL is equivalent to the 0x0 memory address and privileged code can access it, then writing or reading memory is possible, which may lead to code execution."

What is not disputed is the crash: when the allocation fails (under memory pressure, or because an attacker-influenced size is too large to satisfy), the unchecked pointer is later dereferenced and the process that links libarchive terminates. The practical impact is therefore a denial of service of that consumer (bsdtar or any other program using the library). The quoted code-execution scenario needs the zero page to be mappable and the dereference to occur in privileged code, which current operating systems prevent by default (on Linux, the vm.mmap_min_addr sysctl keeps low addresses unmappable).
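The following example is added here to illustrate the CWE-476 pattern the description refers to; it is not libarchive source, and the struct, function and allocator-hook names are assumptions made for the demonstration. It shows the unchecked shape next to the hardened one, and uses a fault-injection hook so the calloc failure can be triggered deterministically instead of relying on memory pressure. Note where the crash would happen: not at the failed allocation, but at a later use of the pointer, which is what makes this class of bug easy to miss in review.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Example code written for this page; not libarchive source. Names below
 * (padder, hooked_calloc, fail_next_calloc) are assumptions. */

/* Fault-injection hook: set to 1 to make the next allocation fail the way
 * calloc does under memory pressure or for an absurd attacker-chosen size. */
static int fail_next_calloc = 0;

static void *hooked_calloc(size_t nmemb, size_t size)
{
    if (fail_next_calloc) {
        fail_next_calloc = 0;
        return NULL;
    }
    return calloc(nmemb, size);
}

struct padder {
    unsigned char *nulls;   /* zero-filled buffer used as a padding source */
    size_t null_length;
};

/* Vulnerable shape: the calloc result is stored and success is reported
 * without a check. Nothing crashes here; the NULL is dereferenced later,
 * in padder_pad(), far from the failed allocation. */
int padder_init_unchecked(struct padder *p, size_t len)
{
    p->null_length = len;
    p->nulls = hooked_calloc(1, len);
    return 0;                     /* "success" even when p->nulls == NULL */
}

/* Hardened shape: check the allocation and return an error so the caller
 * can report out-of-memory instead of dereferencing NULL later. */
int padder_init_checked(struct padder *p, size_t len)
{
    p->null_length = len;
    p->nulls = hooked_calloc(1, len);
    if (p->nulls == NULL) {
        p->null_length = 0;
        return -1;
    }
    return 0;
}

/* Copies up to p->null_length zero bytes into out. Reads through p->nulls,
 * so a NULL left behind by the unchecked init crashes here. */
size_t padder_pad(const struct padder *p, unsigned char *out, size_t want)
{
    size_t n = want < p->null_length ? want : p->null_length;
    memcpy(out, p->nulls, n);
    return n;
}

void padder_free(struct padder *p)
{
    free(p->nulls);
    p->nulls = NULL;
    p->null_length = 0;
}

int main(void)
{
    struct padder p;
    unsigned char buf[16];

    /* Normal path: allocation succeeds and padding works. */
    if (padder_init_checked(&p, 8) == 0) {
        size_t n = padder_pad(&p, buf, sizeof buf);
        printf("padded %zu bytes\n", n);
        padder_free(&p);
    }

    /* Injected failure: the checked init refuses to continue ... */
    fail_next_calloc = 1;
    printf("checked init under failure: %d\n", padder_init_checked(&p, 8));

    /* ... while the unchecked init reports success with a NULL buffer.
     * Calling padder_pad(&p, ...) at this point would dereference NULL. */
    fail_next_calloc = 1;
    printf("unchecked init under failure: %d, nulls=%p\n",
           padder_init_unchecked(&p, 8), (void *)p.nulls);
    return 0;
}
```

The fix in the hardened variant is the whole patch for this bug class: test the allocation result and propagate an error. A useful review habit is to grep a code base for calloc/malloc/realloc/strdup calls whose result is assigned and then used without a NULL test on the next line; each one is a candidate for exactly this report.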

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality: HIGH
Integrity: HIGH
Availability: HIGH

Affected Products

Vendor          Product              Versions
Libarchive      Libarchive           >= 3.0.0, < 3.6.2
Debian          Debian Linux         10.0
Fedoraproject   Fedora               37
Splunk          Universal Forwarder  >= 8.2.0, < 8.2.12

Related Weaknesses (CWE)

CWE-476: NULL Pointer Dereference
References

FAQ

What is CVE-2022-36227?

CVE-2022-36227 is a vulnerability with a CVSS score of 9.8 (CRITICAL). In libarchive before 3.6.2, the software does not check for an error after calling the calloc function, which can return a NULL pointer if the allocation fails; this leads to a resultant NULL pointer dereference.

How severe is CVE-2022-36227?

CVE-2022-36227 has been rated CRITICAL with a CVSS base score of 9.8/10. That score assumes the disputed code-execution outcome; the undisputed effect is a crash (denial of service) of whichever process links libarchive when an allocation fails. Prioritise the upgrade, particularly for services that process untrusted archives, but scope the exposure from the availability impact rather than from the 9.8 alone.

Is there a patch for CVE-2022-36227?

Yes. The fix is in libarchive 3.6.2; upgrade to 3.6.2 or later. Debian and Fedora track the issue in their own advisories, so apply the distribution's updated libarchive package rather than comparing against the upstream version number alone. Splunk Universal Forwarder bundles its own copy of the library; per the table above, 8.2.0 through 8.2.11 are affected and 8.2.12 contains the fix. Check the references section above for vendor advisories and patch information. Affected products include: Libarchive Libarchive, Debian Debian Linux, Fedoraproject Fedora, Splunk Universal Forwarder.
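A quick check for the system copy of the library is the first line of `bsdtar --version`, which names the linked libarchive version. The helper below is added for this page (not a libarchive or vendor tool) and compares that version against the affected range from the table above, using the same encoding libarchive uses for ARCHIVE_VERSION_NUMBER (major*1000000 + minor*1000 + release, so 3.6.2 is 3006002). The sample banners are constructed. It only tells you about the copy bsdtar links; products that bundle their own libarchive (Splunk Universal Forwarder in the table) must be checked against their own fixed version.

```c
#include <stdio.h>
#include <string.h>

/* Example code added for this page; not a libarchive or vendor tool. */

/* Encodes "X.Y.Z" as libarchive's ARCHIVE_VERSION_NUMBER does:
 * major*1000000 + minor*1000 + release. Returns -1 for anything that is
 * not exactly three dotted numbers (e.g. "3.6" or "3.6.2-rc1"). */
long libarchive_version_number(const char *version)
{
    unsigned major, minor, release;
    char tail;
    if (sscanf(version, "%u.%u.%u%c", &major, &minor, &release, &tail) != 3)
        return -1;
    if (major > 999 || minor > 999 || release > 999)
        return -1;
    return (long)major * 1000000 + (long)minor * 1000 + (long)release;
}

/* Affected range from the table on this page: >= 3.0.0 and < 3.6.2.
 * Returns 1 if affected, 0 if not, -1 if the version string is unparseable. */
int libarchive_is_affected(const char *version)
{
    long v = libarchive_version_number(version);
    if (v < 0)
        return -1;
    return (v >= 3000000 && v < 3006002) ? 1 : 0;
}

/* Reads the libarchive version out of a `bsdtar --version` banner such as
 * "bsdtar 3.6.1 - libarchive 3.6.1 zlib/1.2.11 ..." and applies the check.
 * Returns -1 when the banner does not mention libarchive (e.g. GNU tar). */
int bsdtar_banner_is_affected(const char *banner)
{
    const char *p = strstr(banner, "libarchive ");
    if (p == NULL)
        return -1;
    char ver[32];
    if (sscanf(p + strlen("libarchive "), "%31s", ver) != 1)
        return -1;
    return libarchive_is_affected(ver);
}

int main(void)
{
    /* Constructed sample banners, not captured from real systems. */
    const char *banners[] = {
        "bsdtar 3.6.1 - libarchive 3.6.1 zlib/1.2.11 liblzma/5.2.5",
        "bsdtar 3.6.2 - libarchive 3.6.2 zlib/1.2.13 liblzma/5.4.1",
        "tar (GNU tar) 1.34",
    };
    for (size_t i = 0; i < sizeof banners / sizeof banners[0]; i++)
        printf("%-60s -> %d\n", banners[i], bsdtar_banner_is_affected(banners[i]));
    return 0;
}
```

Run `bsdtar --version | head -1` on the host and feed the line to bsdtar_banner_is_affected; a result of 1 means the system library is in the affected range, 0 means it is outside it, and -1 means the banner is not from bsdtar. Remember that distribution packages may carry a backported fix under an older version string, so treat a 1 from a packaged library as "check the distribution advisory", not as a definitive finding.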