How severe is CVE-2022-23523?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2022-23523?

This is classified as CWE-119, which is a common weakness in software security.

CVE-2022-23523

MEDIUM Year: 2022

CVSS v3 Score

5.5

Medium

Weakness Type

CWE-119

View all →

Vulnerability Description

In versions prior to 0.8.1, the linux-loader crate uses the offsets and sizes provided in the ELF headers to determine the offsets to read from. If those offsets point beyond the end of the file this could lead to Virtual Machine Monitors using the `linux-loader` crate entering an infinite loop if the ELF header of the kernel they are loading was modified in a malicious manner. This issue has been addressed in 0.8.1. The issue can be mitigated by ensuring that only trusted kernel images are loaded or by verifying that the headers do not point beyond the end of the file.

CVE-2006-3635

MEDIUM

CVSS:5.5(Medium)

The ia64 subsystem in the Linux kernel before 2.6.26 allows local users to cause a denial of service (stack consumption and system crash) via a crafted application that leverages the mishandling of in...

CWE-1192006

CVE-2014-125002

MEDIUM

CVSS:5.5(Medium)

A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is the function dnxhd_init_rc of the file libavcodec/dnxhdenc.c. The manipulation leads to memory corruption. I...

CWE-1192014

CVE-2014-125003

MEDIUM

CVSS:5.5(Medium)

A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function get_siz of the file libavcodec/jpeg2000dec.c. The manipulation leads to memory corruption. The at...

CWE-1192014

CVE-2014-125004

MEDIUM

CVSS:5.5(Medium)

A vulnerability has been found in FFmpeg 2.0 and classified as problematic. This vulnerability affects the function decode_hextile of the file libavcodec/vmnc.c. The manipulation leads to memory corru...

CWE-1192014

CVE-2014-125005

MEDIUM

CVSS:5.5(Medium)

A vulnerability, which was classified as problematic, was found in FFmpeg 2.0. This affects the function decode_vol_header of the file libavcodec/mpeg4videodec.c. The manipulation leads to memory corr...

CWE-1192014

CVE-2014-125006

MEDIUM

CVSS:5.5(Medium)

A vulnerability, which was classified as problematic, has been found in FFmpeg 2.0. Affected by this issue is the function output_frame of the file libavcodec/h264.c. The manipulation leads to memory ...

CWE-1192014

CVE-2022-23523

Vulnerability Description

Related Vulnerabilities

CVE-2006-3635

CVE-2014-125002

CVE-2014-125003

CVE-2014-125004

CVE-2014-125005

CVE-2014-125006