CVE-2022-48363 - Vulnerability Details - OpenCVE

In MPD before 0.23.8, as used on Automotive Grade Linux and other platforms, the PipeWire output plugin mishandles a Drain call in certain situations involving truncated files. Eventually there is an assertion failure in libmpdclient because libqtappfw passes in a NULL pointer.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00073.

Exploitation poc

Automatable yes

Technical Impact partial

Vendors	Products
Linuxfoundation	Automotive Grade Linux

Configuration 1 [-]

cpe:2.3:a:linuxfoundation:automotive_grade_linux:*:*:*:*:*:*:*:*

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2022-51062	In MPD before 0.23.8, as used on Automotive Grade Linux and other platforms, the PipeWire output plugin mishandles a Drain call in certain situations involving truncated files. Eventually there is an assertion failure in libmpdclient because libqtappfw passes in a NULL pointer.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://gerrit.automotivelinux.org/gerrit/c/src/libqtappfw/+/28484
https://gerrit.automotivelinux.org/gerrit/c/src/libqtappfw/+/28485
https://gerrit.automotivelinux.org/gerrit/q/project:src%252Flibqtappfw+status:open
https://jira.automotivelinux.org/browse/SPEC-4661

History

Tue, 11 Mar 2025 20:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2023-02-26T00:00:00.000Z

Updated: 2025-03-11T19:54:43.431Z

Reserved: 2023-02-26T00:00:00.000Z

Link: CVE-2022-48363

Vulnrichment

Updated: 2024-08-03T15:10:59.819Z

NVD

Status : Modified

Published: 2023-02-26T23:15:10.730

Modified: 2025-03-11T20:15:14.480

Link: CVE-2022-48363

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-48363", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2025-03-11T19:54:43.431Z", "dateReserved": "2023-02-26T00:00:00.000Z", "datePublished": "2023-02-26T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2023-02-26T00:00:00.000Z"}, "descriptions": [{"lang": "en", "value": "In MPD before 0.23.8, as used on Automotive Grade Linux and other platforms, the PipeWire output plugin mishandles a Drain call in certain situations involving truncated files. Eventually there is an assertion failure in libmpdclient because libqtappfw passes in a NULL pointer."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://gerrit.automotivelinux.org/gerrit/q/project:src%252Flibqtappfw+status:open"}, {"url": "https://gerrit.automotivelinux.org/gerrit/c/src/libqtappfw/+/28484"}, {"url": "https://gerrit.automotivelinux.org/gerrit/c/src/libqtappfw/+/28485"}, {"url": "https://jira.automotivelinux.org/browse/SPEC-4661"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T15:10:59.819Z"}, "title": "CVE Program Container", "references": [{"url": "https://gerrit.automotivelinux.org/gerrit/q/project:src%252Flibqtappfw+status:open", "tags": ["x_transferred"]}, {"url": "https://gerrit.automotivelinux.org/gerrit/c/src/libqtappfw/+/28484", "tags": ["x_transferred"]}, {"url": "https://gerrit.automotivelinux.org/gerrit/c/src/libqtappfw/+/28485", "tags": ["x_transferred"]}, {"url": "https://jira.automotivelinux.org/browse/SPEC-4661", "tags": ["x_transferred"]}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-617", "lang": "en", "description": "CWE-617 Reachable Assertion"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-03-11T19:54:12.954296Z", "id": "CVE-2022-48363", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-11T19:54:43.431Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://gerrit.automotivelinux.org/gerrit/q/project:src%252Flibqtappfw+status:open", "tags": ["x_transferred"]}, {"url": "https://gerrit.automotivelinux.org/gerrit/c/src/libqtappfw/+/28484", "tags": ["x_transferred"]}, {"url": "https://gerrit.automotivelinux.org/gerrit/c/src/libqtappfw/+/28485", "tags": ["x_transferred"]}, {"url": "https://jira.automotivelinux.org/browse/SPEC-4661", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T15:10:59.819Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2022-48363", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-03-11T19:54:12.954296Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-617", "description": "CWE-617 Reachable Assertion"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-11T19:54:39.329Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://gerrit.automotivelinux.org/gerrit/q/project:src%252Flibqtappfw+status:open"}, {"url": "https://gerrit.automotivelinux.org/gerrit/c/src/libqtappfw/+/28484"}, {"url": "https://gerrit.automotivelinux.org/gerrit/c/src/libqtappfw/+/28485"}, {"url": "https://jira.automotivelinux.org/browse/SPEC-4661"}], "descriptions": [{"lang": "en", "value": "In MPD before 0.23.8, as used on Automotive Grade Linux and other platforms, the PipeWire output plugin mishandles a Drain call in certain situations involving truncated files. Eventually there is an assertion failure in libmpdclient because libqtappfw passes in a NULL pointer."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2023-02-26T00:00:00.000Z"}}}, "cveMetadata": {"cveId": "CVE-2022-48363", "state": "PUBLISHED", "dateUpdated": "2025-03-11T19:54:43.431Z", "dateReserved": "2023-02-26T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2023-02-26T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:linuxfoundation:automotive_grade_linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "CF3B987D-1951-4A6F-AD49-E4E9BAD69D6C", "versionEndExcluding": "0.23.8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In MPD before 0.23.8, as used on Automotive Grade Linux and other platforms, the PipeWire output plugin mishandles a Drain call in certain situations involving truncated files. Eventually there is an assertion failure in libmpdclient because libqtappfw passes in a NULL pointer."}], "id": "CVE-2022-48363", "lastModified": "2025-03-11T20:15:14.480", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2023-02-26T23:15:10.730", "references": [{"source": "cve@mitre.org", "tags": ["Patch"], "url": "https://gerrit.automotivelinux.org/gerrit/c/src/libqtappfw/+/28484"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "https://gerrit.automotivelinux.org/gerrit/c/src/libqtappfw/+/28485"}, {"source": "cve@mitre.org", "tags": ["Not Applicable"], "url": "https://gerrit.automotivelinux.org/gerrit/q/project:src%252Flibqtappfw+status:open"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "https://jira.automotivelinux.org/browse/SPEC-4661"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://gerrit.automotivelinux.org/gerrit/c/src/libqtappfw/+/28484"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://gerrit.automotivelinux.org/gerrit/c/src/libqtappfw/+/28485"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Not Applicable"], "url": "https://gerrit.automotivelinux.org/gerrit/q/project:src%252Flibqtappfw+status:open"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "https://jira.automotivelinux.org/browse/SPEC-4661"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-617"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-617"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}