Users can consume unlimited disk space in /var/crash

Metrics

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00154.

Exploitation none

Automatable yes

Technical Impact partial

Affected Vendors & Products

Vendors Products
Canonical
  • Apport

Configuration 1 [-]

cpe:2.3:a:canonical:apport:*:*:*:*:*:*:*:*

No data.

No data.

References
Link Providers
https://www.cve.org/CVERecord?id=CVE-2022-28653 cve-icon cve-icon
History

Tue, 26 Aug 2025 18:00:00 +0000

Type Values Removed Values Added
First Time appeared Canonical
Canonical apport
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:a:canonical:apport:*:*:*:*:*:*:*:*
Vendors & Products Canonical
Canonical apport

Fri, 07 Feb 2025 16:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 31 Jan 2025 01:00:00 +0000

Type Values Removed Values Added
Description Users can consume unlimited disk space in /var/crash
References
cve-icon MITRE

Status: PUBLISHED

Assigner: canonical

Published:

Updated: 2025-02-07T15:56:12.162Z

Reserved: 2022-04-05T02:16:30.819Z

Link: CVE-2022-28653

cve-icon Vulnrichment

Updated: 2025-02-07T15:55:57.300Z

cve-icon NVD

Status : Analyzed

Published: 2025-01-31T01:15:08.727

Modified: 2025-08-26T17:49:27.873

Link: CVE-2022-28653

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.