Rapid7 Vulnerability & Exploit Database

Red Hat: CVE-2022-23219: Stack-based buffer overflow in sunrpc clnt_create via a long pathname (Multiple Advisories)


Severity: 8
CVSS: (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published: 01/14/2022
Created: 03/16/2022
Added: 03/16/2022
Modified: 12/15/2023

Description

The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.
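
The bug class described above, shown as an added example that is not glibc's code and not part of this advisory: a length check performed before a caller-supplied name is copied into a fixed-size stack buffer. It assumes the destination is the sun_path field of a struct sockaddr_un (the "long pathname" of the title); fill_unix_addr and accepts_name_of_length are hypothetical names.

```c
#include <errno.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/un.h>

/* Unchecked pattern of the kind the description refers to:
 *
 *     struct sockaddr_un sun;            // lives on the stack
 *     strcpy(sun.sun_path, hostname);    // no length validation
 *
 * Hypothetical hardened helper: reject names that do not fit, and only
 * then copy. Returns 0 on success, -1 with errno set on rejection. */
int fill_unix_addr(struct sockaddr_un *out, const char *path)
{
    if (out == NULL || path == NULL) {
        errno = EINVAL;
        return -1;
    }

    size_t len = strlen(path);

    /* sun_path is a fixed-size array; the terminating NUL has to fit
     * as well, so the comparison is >= rather than >. */
    if (len >= sizeof(out->sun_path)) {
        errno = ENAMETOOLONG;
        return -1;
    }

    memset(out, 0, sizeof(*out));
    out->sun_family = AF_UNIX;
    memcpy(out->sun_path, path, len + 1);   /* copies the NUL too */
    return 0;
}

/* Constructed input: a name of n 'A' bytes. Returns 1 if accepted. */
int accepts_name_of_length(size_t n)
{
    char name[512];
    struct sockaddr_un addr;

    if (n >= sizeof(name))
        return 0;
    memset(name, 'A', n);
    name[n] = '\0';
    return fill_unix_addr(&addr, name) == 0;
}
```

Applications that still call clnt_create on an unpatched glibc can apply the same bound to the name they pass in; upgrading the packages listed under Solution(s) remains the fix.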

Solution(s)

  • redhat-upgrade-compat-libpthread-nonshared
  • redhat-upgrade-glibc
  • redhat-upgrade-glibc-all-langpacks
  • redhat-upgrade-glibc-benchtests
  • redhat-upgrade-glibc-common
  • redhat-upgrade-glibc-debuginfo
  • redhat-upgrade-glibc-debuginfo-common
  • redhat-upgrade-glibc-devel
  • redhat-upgrade-glibc-headers
  • redhat-upgrade-glibc-langpack-aa
  • redhat-upgrade-glibc-langpack-af
  • redhat-upgrade-glibc-langpack-agr
  • redhat-upgrade-glibc-langpack-ak
  • redhat-upgrade-glibc-langpack-am
  • redhat-upgrade-glibc-langpack-an
  • redhat-upgrade-glibc-langpack-anp
  • redhat-upgrade-glibc-langpack-ar
  • redhat-upgrade-glibc-langpack-as
  • redhat-upgrade-glibc-langpack-ast
  • redhat-upgrade-glibc-langpack-ayc
  • redhat-upgrade-glibc-langpack-az
  • redhat-upgrade-glibc-langpack-be
  • redhat-upgrade-glibc-langpack-bem
  • redhat-upgrade-glibc-langpack-ber
  • redhat-upgrade-glibc-langpack-bg
  • redhat-upgrade-glibc-langpack-bhb
  • redhat-upgrade-glibc-langpack-bho
  • redhat-upgrade-glibc-langpack-bi
  • redhat-upgrade-glibc-langpack-bn
  • redhat-upgrade-glibc-langpack-bo
  • redhat-upgrade-glibc-langpack-br
  • redhat-upgrade-glibc-langpack-brx
  • redhat-upgrade-glibc-langpack-bs
  • redhat-upgrade-glibc-langpack-byn
  • redhat-upgrade-glibc-langpack-ca
  • redhat-upgrade-glibc-langpack-ce
  • redhat-upgrade-glibc-langpack-chr
  • redhat-upgrade-glibc-langpack-cmn
  • redhat-upgrade-glibc-langpack-crh
  • redhat-upgrade-glibc-langpack-cs
  • redhat-upgrade-glibc-langpack-csb
  • redhat-upgrade-glibc-langpack-cv
  • redhat-upgrade-glibc-langpack-cy
  • redhat-upgrade-glibc-langpack-da
  • redhat-upgrade-glibc-langpack-de
  • redhat-upgrade-glibc-langpack-doi
  • redhat-upgrade-glibc-langpack-dsb
  • redhat-upgrade-glibc-langpack-dv
  • redhat-upgrade-glibc-langpack-dz
  • redhat-upgrade-glibc-langpack-el
  • redhat-upgrade-glibc-langpack-en
  • redhat-upgrade-glibc-langpack-eo
  • redhat-upgrade-glibc-langpack-es
  • redhat-upgrade-glibc-langpack-et
  • redhat-upgrade-glibc-langpack-eu
  • redhat-upgrade-glibc-langpack-fa
  • redhat-upgrade-glibc-langpack-ff
  • redhat-upgrade-glibc-langpack-fi
  • redhat-upgrade-glibc-langpack-fil
  • redhat-upgrade-glibc-langpack-fo
  • redhat-upgrade-glibc-langpack-fr
  • redhat-upgrade-glibc-langpack-fur
  • redhat-upgrade-glibc-langpack-fy
  • redhat-upgrade-glibc-langpack-ga
  • redhat-upgrade-glibc-langpack-gd
  • redhat-upgrade-glibc-langpack-gez
  • redhat-upgrade-glibc-langpack-gl
  • redhat-upgrade-glibc-langpack-gu
  • redhat-upgrade-glibc-langpack-gv
  • redhat-upgrade-glibc-langpack-ha
  • redhat-upgrade-glibc-langpack-hak
  • redhat-upgrade-glibc-langpack-he
  • redhat-upgrade-glibc-langpack-hi
  • redhat-upgrade-glibc-langpack-hif
  • redhat-upgrade-glibc-langpack-hne
  • redhat-upgrade-glibc-langpack-hr
  • redhat-upgrade-glibc-langpack-hsb
  • redhat-upgrade-glibc-langpack-ht
  • redhat-upgrade-glibc-langpack-hu
  • redhat-upgrade-glibc-langpack-hy
  • redhat-upgrade-glibc-langpack-ia
  • redhat-upgrade-glibc-langpack-id
  • redhat-upgrade-glibc-langpack-ig
  • redhat-upgrade-glibc-langpack-ik
  • redhat-upgrade-glibc-langpack-is
  • redhat-upgrade-glibc-langpack-it
  • redhat-upgrade-glibc-langpack-iu
  • redhat-upgrade-glibc-langpack-ja
  • redhat-upgrade-glibc-langpack-ka
  • redhat-upgrade-glibc-langpack-kab
  • redhat-upgrade-glibc-langpack-kk
  • redhat-upgrade-glibc-langpack-kl
  • redhat-upgrade-glibc-langpack-km
  • redhat-upgrade-glibc-langpack-kn
  • redhat-upgrade-glibc-langpack-ko
  • redhat-upgrade-glibc-langpack-kok
  • redhat-upgrade-glibc-langpack-ks
  • redhat-upgrade-glibc-langpack-ku
  • redhat-upgrade-glibc-langpack-kw
  • redhat-upgrade-glibc-langpack-ky
  • redhat-upgrade-glibc-langpack-lb
  • redhat-upgrade-glibc-langpack-lg
  • redhat-upgrade-glibc-langpack-li
  • redhat-upgrade-glibc-langpack-lij
  • redhat-upgrade-glibc-langpack-ln
  • redhat-upgrade-glibc-langpack-lo
  • redhat-upgrade-glibc-langpack-lt
  • redhat-upgrade-glibc-langpack-lv
  • redhat-upgrade-glibc-langpack-lzh
  • redhat-upgrade-glibc-langpack-mag
  • redhat-upgrade-glibc-langpack-mai
  • redhat-upgrade-glibc-langpack-mfe
  • redhat-upgrade-glibc-langpack-mg
  • redhat-upgrade-glibc-langpack-mhr
  • redhat-upgrade-glibc-langpack-mi
  • redhat-upgrade-glibc-langpack-miq
  • redhat-upgrade-glibc-langpack-mjw
  • redhat-upgrade-glibc-langpack-mk
  • redhat-upgrade-glibc-langpack-ml
  • redhat-upgrade-glibc-langpack-mn
  • redhat-upgrade-glibc-langpack-mni
  • redhat-upgrade-glibc-langpack-mr
  • redhat-upgrade-glibc-langpack-ms
  • redhat-upgrade-glibc-langpack-mt
  • redhat-upgrade-glibc-langpack-my
  • redhat-upgrade-glibc-langpack-nan
  • redhat-upgrade-glibc-langpack-nb
  • redhat-upgrade-glibc-langpack-nds
  • redhat-upgrade-glibc-langpack-ne
  • redhat-upgrade-glibc-langpack-nhn
  • redhat-upgrade-glibc-langpack-niu
  • redhat-upgrade-glibc-langpack-nl
  • redhat-upgrade-glibc-langpack-nn
  • redhat-upgrade-glibc-langpack-nr
  • redhat-upgrade-glibc-langpack-nso
  • redhat-upgrade-glibc-langpack-oc
  • redhat-upgrade-glibc-langpack-om
  • redhat-upgrade-glibc-langpack-or
  • redhat-upgrade-glibc-langpack-os
  • redhat-upgrade-glibc-langpack-pa
  • redhat-upgrade-glibc-langpack-pap
  • redhat-upgrade-glibc-langpack-pl
  • redhat-upgrade-glibc-langpack-ps
  • redhat-upgrade-glibc-langpack-pt
  • redhat-upgrade-glibc-langpack-quz
  • redhat-upgrade-glibc-langpack-raj
  • redhat-upgrade-glibc-langpack-ro
  • redhat-upgrade-glibc-langpack-ru
  • redhat-upgrade-glibc-langpack-rw
  • redhat-upgrade-glibc-langpack-sa
  • redhat-upgrade-glibc-langpack-sah
  • redhat-upgrade-glibc-langpack-sat
  • redhat-upgrade-glibc-langpack-sc
  • redhat-upgrade-glibc-langpack-sd
  • redhat-upgrade-glibc-langpack-se
  • redhat-upgrade-glibc-langpack-sgs
  • redhat-upgrade-glibc-langpack-shn
  • redhat-upgrade-glibc-langpack-shs
  • redhat-upgrade-glibc-langpack-si
  • redhat-upgrade-glibc-langpack-sid
  • redhat-upgrade-glibc-langpack-sk
  • redhat-upgrade-glibc-langpack-sl
  • redhat-upgrade-glibc-langpack-sm
  • redhat-upgrade-glibc-langpack-so
  • redhat-upgrade-glibc-langpack-sq
  • redhat-upgrade-glibc-langpack-sr
  • redhat-upgrade-glibc-langpack-ss
  • redhat-upgrade-glibc-langpack-st
  • redhat-upgrade-glibc-langpack-sv
  • redhat-upgrade-glibc-langpack-sw
  • redhat-upgrade-glibc-langpack-szl
  • redhat-upgrade-glibc-langpack-ta
  • redhat-upgrade-glibc-langpack-tcy
  • redhat-upgrade-glibc-langpack-te
  • redhat-upgrade-glibc-langpack-tg
  • redhat-upgrade-glibc-langpack-th
  • redhat-upgrade-glibc-langpack-the
  • redhat-upgrade-glibc-langpack-ti
  • redhat-upgrade-glibc-langpack-tig
  • redhat-upgrade-glibc-langpack-tk
  • redhat-upgrade-glibc-langpack-tl
  • redhat-upgrade-glibc-langpack-tn
  • redhat-upgrade-glibc-langpack-to
  • redhat-upgrade-glibc-langpack-tpi
  • redhat-upgrade-glibc-langpack-tr
  • redhat-upgrade-glibc-langpack-ts
  • redhat-upgrade-glibc-langpack-tt
  • redhat-upgrade-glibc-langpack-ug
  • redhat-upgrade-glibc-langpack-uk
  • redhat-upgrade-glibc-langpack-unm
  • redhat-upgrade-glibc-langpack-ur
  • redhat-upgrade-glibc-langpack-uz
  • redhat-upgrade-glibc-langpack-ve
  • redhat-upgrade-glibc-langpack-vi
  • redhat-upgrade-glibc-langpack-wa
  • redhat-upgrade-glibc-langpack-wae
  • redhat-upgrade-glibc-langpack-wal
  • redhat-upgrade-glibc-langpack-wo
  • redhat-upgrade-glibc-langpack-xh
  • redhat-upgrade-glibc-langpack-yi
  • redhat-upgrade-glibc-langpack-yo
  • redhat-upgrade-glibc-langpack-yue
  • redhat-upgrade-glibc-langpack-yuw
  • redhat-upgrade-glibc-langpack-zh
  • redhat-upgrade-glibc-langpack-zu
  • redhat-upgrade-glibc-locale-source
  • redhat-upgrade-glibc-minimal-langpack
  • redhat-upgrade-glibc-nss-devel
  • redhat-upgrade-glibc-static
  • redhat-upgrade-glibc-utils
  • redhat-upgrade-libnsl
  • redhat-upgrade-nscd
  • redhat-upgrade-nss_db
  • redhat-upgrade-nss_hesiod
