Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-23089

When dumping core and saving process information, proc_getargv() might return an sbuf which have a sbuf_len() of 0 or -1, which is not properly handled. An out-of-bound read can happen when user constructs a specially crafted ps_string, which in turn can cause the kernel to crash.

Published

2024-02-15T05:15:09.620

Last Modified

2025-06-04T21:11:31.653

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 4.7 (MEDIUM)

Weaknesses

Type: Secondary
CWE-125

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	freebsd	freebsd	< 12.3	Yes
Operating System	freebsd	freebsd	< 13.0	Yes
Operating System	freebsd	freebsd	12.3	Yes
Operating System	freebsd	freebsd	12.3	Yes
Operating System	freebsd	freebsd	12.3	Yes
Operating System	freebsd	freebsd	12.3	Yes
Operating System	freebsd	freebsd	12.3	Yes
Operating System	freebsd	freebsd	12.3	Yes
Operating System	freebsd	freebsd	13.0	Yes
Operating System	freebsd	freebsd	13.0	Yes
Operating System	freebsd	freebsd	13.0	Yes
Operating System	freebsd	freebsd	13.0	Yes
Operating System	freebsd	freebsd	13.0	Yes
Operating System	freebsd	freebsd	13.0	Yes
Operating System	freebsd	freebsd	13.0	Yes
Operating System	freebsd	freebsd	13.0	Yes
Operating System	freebsd	freebsd	13.0	Yes
Operating System	freebsd	freebsd	13.0	Yes
Operating System	freebsd	freebsd	13.0	Yes
Operating System	freebsd	freebsd	13.0	Yes
Operating System	freebsd	freebsd	13.0	Yes
Operating System	freebsd	freebsd	13.0	Yes
Operating System	freebsd	freebsd	13.0	Yes
Operating System	freebsd	freebsd	13.0	Yes
Operating System	freebsd	freebsd	13.0	Yes
Operating System	freebsd	freebsd	13.0	Yes
Operating System	freebsd	freebsd	13.0	Yes
Operating System	freebsd	freebsd	13.0	Yes
Operating System	freebsd	freebsd	13.0	Yes
Operating System	freebsd	freebsd	13.0	Yes
Operating System	freebsd	freebsd	13.1	Yes
Operating System	freebsd	freebsd	13.1	Yes
Operating System	freebsd	freebsd	13.1	Yes

References

https://security.freebsd.org/advisories/FreeBSD-SA-22:09.elf.asc Vendor Advisory ([email protected])
https://security.netapp.com/advisory/ntap-20240415-0006/ Third Party Advisory ([email protected])
https://security.freebsd.org/advisories/FreeBSD-SA-22:09.elf.asc Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://security.netapp.com/advisory/ntap-20240415-0006/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)