A use-after-free vulnerability was found in systemd. The on_stream_io() and dns_stream_complete() functions in 'resolved-dns-stream.c' do not increment the reference count of the DnsStream object. Other functions and callbacks that they call can therefore dereference the DnsStream object, causing a use-after-free when the reference is still used later.
References
| Link | Resource |
|---|---|
| https://github.com/systemd/systemd/commit/d973d94dec349fb676fdd844f6fe2ada3538f27c | Patch, Third Party Advisory |
| https://security.netapp.com/advisory/ntap-20221111-0005/ | Third Party Advisory |
Information
Published : 2022-09-09 08:15
Updated : 2023-01-19 19:17
NVD link : CVE-2022-2526
Mitre link : CVE-2022-2526
CWE
CWE-416
Use After Free
Products Affected
systemd_project
- systemd
netapp
- h300s
- h500s
- h500s_firmware
- active_iq_unified_manager
- h700s
- h410s_firmware
- h410s
- h700s_firmware
- h300s_firmware