The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2022-01-14T00:00:00

Updated: 2024-08-03T03:36:20.198Z

Reserved: 2022-01-14T00:00:00

Link: CVE-2022-23218

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-01-14T07:15:08.800

Modified: 2024-11-21T06:48:12.677

Link: CVE-2022-23218

cve-icon Redhat

Severity : Moderate

Publid Date: 2022-01-12T00:00:00Z

Links: CVE-2022-23218 - Bugzilla