Vulnerability Details : CVE-2022-24070
Subversion's mod_dav_svn is vulnerable to memory corruption. While looking up path-based authorization rules, mod_dav_svn servers may attempt to use memory which has already been freed. Affected Subversion mod_dav_svn servers 1.10.0 through 1.14.1 (inclusive). Servers that do not use mod_dav_svn are not affected.
Vulnerability category: Memory Corruption
Products affected by CVE-2022-24070
- cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:*:*:*:*:*:*:*:*
- cpe:2.3:a:apache:subversion:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2022-24070
0.14%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 50 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2022-24070
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST | |
7.5
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2022-24070
-
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.Assigned by:
- nvd@nist.gov (Primary)
- security@apache.org (Secondary)
References for CVE-2022-24070
-
https://issues.apache.org/jira/browse/SVN-4880
[SVN-4880] Use-after-free of object-pools in subversion/libsvn_repos/authz.c when used as httpd module - ASF JIRAIssue Tracking;Vendor Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PZ4ARNGLMGYBKYDX2B7DRBNMF6EH3A6R/
[SECURITY] Fedora 36 Update: subversion-1.14.2-5.fc36 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
-
https://bz.apache.org/bugzilla/show_bug.cgi?id=65861
65861 – [PATCH] Document how the post_config hook is calledIssue Tracking;Vendor Advisory
-
https://cwiki.apache.org/confluence/display/HTTPD/ModuleLife
ModuleLife - HTTPD - Apache Software FoundationVendor Advisory
-
http://seclists.org/fulldisclosure/2022/Jul/18
Full Disclosure: APPLE-SA-2022-07-20-2 macOS Monterey 12.5Mailing List;Third Party Advisory
-
https://www.debian.org/security/2022/dsa-5119
Debian -- Security Information -- DSA-5119-1 subversionThird Party Advisory
-
https://support.apple.com/kb/HT213345
About the security content of macOS Monterey 12.5 - Apple SupportThird Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJPMCWCGWBN3QWCDVILWQWPC75RR67LT/
[SECURITY] Fedora 35 Update: subversion-1.14.2-5.fc35 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
Jump to