Vulnerability Name:

CVE-2022-24070 (CCN-224188)

Assigned:2021-11-04
Published:2021-11-04
Updated:2022-10-28
Summary:Subversion's mod_dav_svn is vulnerable to memory corruption. While looking up path-based authorization rules, mod_dav_svn servers may attempt to use memory which has already been freed. Affected Subversion mod_dav_svn servers 1.10.0 through 1.14.1 (inclusive). Servers that do not use mod_dav_svn are not affected.
CVSS v3 Severity:7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.5 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
7.5 High (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.5 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
Vulnerability Type:CWE-416
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2022-24070

Source: FULLDISC
Type: Mailing List, Third Party Advisory
20220721 APPLE-SA-2022-07-20-2 macOS Monterey 12.5

Source: CCN
Type: ASF Bugzilla – Bug 65861
[PATCH] Document how the post_config hook is called

Source: MISC
Type: Issue Tracking, Vendor Advisory
https://bz.apache.org/bugzilla/show_bug.cgi?id=65861

Source: MISC
Type: Vendor Advisory
https://cwiki.apache.org/confluence/display/HTTPD/ModuleLife

Source: XF
Type: UNKNOWN
apache-subversion-cve202224070-dos(224188)

Source: CCN
Type: SVN-4880
Use-after-free of object-pools in subversion/libsvn_repos/authz.c when used as httpd module

Source: MISC
Type: Issue Tracking, Vendor Advisory
https://issues.apache.org/jira/browse/SVN-4880

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2022-2af658b090

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2022-13cc09ecf2

Source: CCN
Type: Apple security document HT213345
About the security content of macOS Monterey 12.5

Source: CONFIRM
Type: Third Party Advisory
https://support.apple.com/kb/HT213345

Source: DEBIAN
Type: Third Party Advisory
DSA-5119

Source: CCN
Type: IBM Security Bulletin 6601517 (Tivoli Netcool/Impact)
A security vulnerability has been identified in Apache Subversion shipped with IBM Tivoli Netcool Impact (CVE-2022-24070)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:apache:subversion:*:*:*:*:*:*:*:* (Version >= 1.14.0 and < 1.14.2)
  • OR cpe:/a:apache:subversion:*:*:*:*:*:*:*:* (Version >= 1.10.0 and < 1.10.8)

    • Configuration 2:
  • cpe:/o:debian:debian_linux:10.0:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:11.0:*:*:*:*:*:*:*

    • Configuration 3:
  • cpe:/o:fedoraproject:fedora:35:*:*:*:*:*:*:*
  • OR cpe:/o:fedoraproject:fedora:36:*:*:*:*:*:*:*

    • Configuration 4:
  • cpe:/o:apple:macos:*:*:*:*:*:*:*:* (Version >= 12.0 and < 12.5)

    • Configuration RedHat 1:
  • cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/a:redhat:enterprise_linux:9:*:*:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/a:redhat:enterprise_linux:9::appstream:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:apache:subversion:1.14.1:*:*:*:*:*:*:*
  • AND
  • cpe:/a:ibm:tivoli_netcool/impact:7.1.0:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:8066
    P
    		subversion-bash-completion-1.14.1-150400.3.8 on GA media (Moderate)
    2023-06-20
    oval:org.opensuse.security:def:7811
    P
    		subversion-1.14.1-150400.3.8 on GA media (Moderate)
    2023-06-12
    oval:org.opensuse.security:def:3529
    P
    		jakarta-commons-fileupload-1.1.1-122.3.1 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:3205
    P
    		libltdl7-2.4.2-17.4.1 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:3429
    P
    		apache-commons-httpclient-3.1-4.364 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:95159
    P
    		subversion-server-1.14.1-150400.3.8 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:94835
    P
    		subversion-1.14.1-150400.3.8 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:95059
    P
    		subversion-bash-completion-1.14.1-150400.3.8 on GA media (Moderate)
    2022-06-22
    oval:com.redhat.rhsa:def:20224941
    P
    		RHSA-2022:4941: subversion:1.14 security update (Important)
    2022-06-08
    oval:com.redhat.rhsa:def:20224591
    P
    		RHSA-2022:4591: subversion security update (Important)
    2022-05-18
    oval:com.redhat.rhsa:def:20222234
    P
    		RHSA-2022:2234: subversion:1.10 security update (Important)
    2022-05-12
    oval:org.opensuse.security:def:5229
    P
    		Security update for subversion (Important)
    2022-05-02
    oval:org.opensuse.security:def:119549
    P
    		Security update for subversion (Important)
    2022-04-12
    oval:org.opensuse.security:def:1154
    P
    		Security update for subversion (Important)
    2022-04-12
    oval:org.opensuse.security:def:101585
    P
    		Security update for subversion (Important)
    2022-04-12
    oval:org.opensuse.security:def:119057
    P
    		Security update for subversion (Important)
    2022-04-12
    oval:org.opensuse.security:def:1657
    P
    		Security update for subversion (Important)
    2022-04-12
    oval:org.opensuse.security:def:101832
    P
    		Security update for subversion (Important)
    2022-04-12
    oval:org.opensuse.security:def:119174
    P
    		Security update for subversion (Important)
    2022-04-12
    oval:org.opensuse.security:def:118677
    P
    		Security update for subversion (Important)
    2022-04-12
    oval:org.opensuse.security:def:102233
    P
    		Security update for subversion (Important)
    2022-04-12
    oval:org.opensuse.security:def:119364
    P
    		Security update for subversion (Important)
    2022-04-12
    oval:org.opensuse.security:def:854
    P
    		Security update for subversion (Important)
    2022-04-12
    oval:org.opensuse.security:def:118867
    P
    		Security update for subversion (Important)
    2022-04-12
    BACK
    apache subversion *
    apache subversion *
    debian debian linux 10.0
    debian debian linux 11.0
    fedoraproject fedora 35
    fedoraproject fedora 36
    apple macos *
    apache subversion 1.14.1
    ibm tivoli netcool/impact 7.1.0