Vulnerability CVE-2022-2476

Vulnerability Name:

CVE-2022-2476 (CCN-232156)

Assigned:

2022-07-04

Published:

2022-07-04

Updated:

2022-11-21

Summary:

A null pointer dereference bug was found in wavpack-5.4.0 The results from the ASAN log: AddressSanitizer:DEADLYSIGNAL ===================================================================84257==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x561b47a970c6 bp 0x7fff13952fb0 sp 0x7fff1394fca0 T0) ==84257==The signal is caused by a WRITE memory access. ==84257==Hint: address points to the zero page. #0 0x561b47a970c5 in main cli/wvunpack.c:834 #1 0x7efc4f5c0082 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x24082) #2 0x561b47a945ed in _start (/usr/local/bin/wvunpack+0xa5ed) AddressSanitizer can not provide additional info. SUMMARY: AddressSanitizer: SEGV cli/wvunpack.c:834 in main ==84257==ABORTING

CVSS v3 Severity:

5.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
5.0 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

4.7 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H)
4.2 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

CVSS v2 Severity:

3.8 Low (CCN CVSS v2 Vector: AV:L/AC:H/Au:S/C:N/I:N/A:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): High Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Complete

Vulnerability Type:

CWE-476

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2022-2476

Source: XF
Type: UNKNOWN
wavpack-cve20222476-dos(232156)

Source: CCN
Type: WavPack GIT Repository
Null pointer dereference at cli/wvunpack.c #121

Source: MISC
Type: Exploit, Issue Tracking, Third Party Advisory
https://github.com/dbry/WavPack/issues/121

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2022-ca2f721916

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2022-c9c086b06f

Vulnerable Configuration:

Configuration 1:

cpe:/a:wavpack:wavpack:5.4.0:*:*:*:*:*:*:*

Configuration 2:

cpe:/o:fedoraproject:fedora:35:*:*:*:*:*:*:*

OR cpe:/o:fedoraproject:fedora:36:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:wavpack:wavpack:5.0.0:-:*:*:*:*:*:*

OR cpe:/a:wavpack:wavpack:5.1.0:*:*:*:*:*:*:*

OR cpe:/a:wavpack:wavpack:5.3.0:*:*:*:*:*:*:*

OR cpe:/a:wavpack:wavpack:5.4.0:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:3666	P	Security update for wavpack (Low)	2022-08-05
oval:org.opensuse.security:def:680	P	Security update for wavpack (Low)	2022-08-05
oval:org.opensuse.security:def:3685	P	Security update for wavpack (Low)	2022-08-05
oval:org.opensuse.security:def:95296	P	Security update for wavpack (Low)	2022-08-05
oval:org.opensuse.security:def:95315	P	Security update for wavpack (Low)	2022-08-05

BACK