Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-45873

systemd 250 and 251 allows local users to achieve a systemd-coredump deadlock by triggering a crash that has a long backtrace. This occurs in parse_elf_object in shared/elf-util.c. The exploitation methodology is to crash a binary calling the same function recursively, and put it in a deeply nested directory to make its backtrace large enough to cause the deadlock. This must be done 16 times when MaxConnections=16 is set for the systemd/units/systemd-coredump.socket file.

Published

2022-11-23T23:15:10.183

Last Modified

2025-04-25T19:15:48.487

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.5 (MEDIUM)

Weaknesses

Type: Primary
CWE-400
Type: Secondary
CWE-400

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	systemd_project	systemd	≤ 251	Yes
Application	systemd_project	systemd	252	Yes
Application	systemd_project	systemd	252	Yes
Operating System	fedoraproject	fedora	36	Yes

References

https://github.com/systemd/systemd/commit/076b807be472630692c5348c60d0c2b7b28ad437 Patch, Third Party Advisory ([email protected])
https://github.com/systemd/systemd/pull/24853#issuecomment-1326561497 Issue Tracking, Patch, Third Party Advisory ([email protected])
https://github.com/systemd/systemd/pull/25055#issuecomment-1313733553 Issue Tracking, Patch, Third Party Advisory ([email protected])
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MS5N5SLYAHKENLAJWYBDKU55ICU3SVZF/ ([email protected])
https://github.com/systemd/systemd/commit/076b807be472630692c5348c60d0c2b7b28ad437 Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/systemd/systemd/pull/24853#issuecomment-1326561497 Issue Tracking, Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/systemd/systemd/pull/25055#issuecomment-1313733553 Issue Tracking, Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MS5N5SLYAHKENLAJWYBDKU55ICU3SVZF/ (af854a3a-2127-422b-91ae-364da2661108)