Vulnerability Details : CVE-2023-22466
Tokio is a runtime for writing applications with Rust. Starting with version 1.7.0 and prior to versions 1.18.4, 1.20.3, and 1.23.1, when configuring a Windows named pipe server, setting `pipe_mode` will reset `reject_remote_clients` to `false`. If the application has previously configured `reject_remote_clients` to `true`, this effectively undoes the configuration. Remote clients may only access the named pipe if the named pipe's associated path is accessible via a publicly shared folder (SMB). Versions 1.23.1, 1.20.3, and 1.18.4 have been patched. The fix will also be present in all releases starting from version 1.24.0. Named pipes were introduced to Tokio in version 1.7.0, so releases older than 1.7.0 are not affected. As a workaround, ensure that `pipe_mode` is set first after initializing a `ServerOptions`.
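The advisory's point is an ordering hazard in a builder: a setter that assigns a whole flag word instead of updating only its own bits silently drops flags set earlier, so `reject_remote_clients(true)` followed by `pipe_mode(...)` ends with the protection gone, while the reverse order keeps it. The following is an added example and not Tokio's code: `PipeModeBuilder`, `pipe_mode_clobbering` and `pipe_mode_preserving` are a constructed model of that behaviour, and the constants are the documented `dwPipeMode` values from `CreateNamedPipe`. It shows the order-dependent defect, the advisory's workaround (set `pipe_mode` first), and a bit-preserving setter for which order no longer matters.

```rust
// Documented Win32 dwPipeMode flag values for CreateNamedPipe.
const PIPE_TYPE_BYTE: u32 = 0x0000_0000;
const PIPE_TYPE_MESSAGE: u32 = 0x0000_0004;
const PIPE_REJECT_REMOTE_CLIENTS: u32 = 0x0000_0008;
// Bits that select the pipe type; everything else in the word is an independent option.
const PIPE_TYPE_MASK: u32 = PIPE_TYPE_BYTE | PIPE_TYPE_MESSAGE;

#[derive(Clone, Copy, Debug, PartialEq, Eq)]
pub enum PipeMode {
    Byte,
    Message,
}

fn type_bits(mode: PipeMode) -> u32 {
    match mode {
        PipeMode::Byte => PIPE_TYPE_BYTE,
        PipeMode::Message => PIPE_TYPE_MESSAGE,
    }
}

/// Constructed model of a server-options builder that keeps all dwPipeMode
/// flags in one u32 (hypothetical; not tokio's ServerOptions).
#[derive(Debug)]
pub struct PipeModeBuilder {
    pipe_mode: u32,
}

impl PipeModeBuilder {
    pub fn new() -> Self {
        Self { pipe_mode: PIPE_TYPE_BYTE }
    }

    /// Sets or clears only the PIPE_REJECT_REMOTE_CLIENTS bit.
    pub fn reject_remote_clients(&mut self, reject: bool) -> &mut Self {
        if reject {
            self.pipe_mode |= PIPE_REJECT_REMOTE_CLIENTS;
        } else {
            self.pipe_mode &= !PIPE_REJECT_REMOTE_CLIENTS;
        }
        self
    }

    /// Defective setter: overwrites the whole word, so any option bit set
    /// before this call (including reject-remote-clients) is lost.
    pub fn pipe_mode_clobbering(&mut self, mode: PipeMode) -> &mut Self {
        self.pipe_mode = type_bits(mode);
        self
    }

    /// Corrected setter: clears only the type bits and ORs the new type in,
    /// leaving every other option untouched.
    pub fn pipe_mode_preserving(&mut self, mode: PipeMode) -> &mut Self {
        self.pipe_mode = (self.pipe_mode & !PIPE_TYPE_MASK) | type_bits(mode);
        self
    }

    /// Audit check on the final flag word: is remote access actually rejected?
    pub fn rejects_remote_clients(&self) -> bool {
        self.pipe_mode & PIPE_REJECT_REMOTE_CLIENTS != 0
    }

    pub fn raw(&self) -> u32 {
        self.pipe_mode
    }
}

/// Vulnerable ordering: reject first, then pipe_mode. The flag is dropped.
pub fn vulnerable_order_drops_flag() -> bool {
    let mut b = PipeModeBuilder::new();
    b.reject_remote_clients(true).pipe_mode_clobbering(PipeMode::Message);
    !b.rejects_remote_clients()
}

/// Advisory workaround: pipe_mode first, then reject. The flag survives.
pub fn workaround_order_keeps_flag() -> bool {
    let mut b = PipeModeBuilder::new();
    b.pipe_mode_clobbering(PipeMode::Message).reject_remote_clients(true);
    b.rejects_remote_clients()
}

/// With a bit-preserving setter the flag survives in either order.
pub fn fixed_setter_keeps_flag_any_order() -> bool {
    let mut first = PipeModeBuilder::new();
    first.reject_remote_clients(true).pipe_mode_preserving(PipeMode::Message);
    let mut second = PipeModeBuilder::new();
    second.pipe_mode_preserving(PipeMode::Message).reject_remote_clients(true);
    first.rejects_remote_clients() && second.rejects_remote_clients()
}

fn main() {
    println!("reject-then-mode drops flag: {}", vulnerable_order_drops_flag());
    println!("mode-then-reject keeps flag: {}", workaround_order_keeps_flag());
    println!("preserving setter, any order: {}", fixed_setter_keeps_flag_any_order());
}
```

The `rejects_remote_clients` check on the final word is the property worth asserting in a test of the real builder too: it catches the regression regardless of which setter introduced it.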
Products affected by CVE-2023-22466
- cpe:2.3:a:tokio:tokio:*:*:*:*:*:rust:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-22466
- 0.12%: probability of exploitation activity in the next 30 days
- ~47%: percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-22466
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.4 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N | 2.8 | 2.5 | NIST | |
5.4 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L | 2.8 | 2.5 | GitHub, Inc. | |
CWE ids for CVE-2023-22466
- The product does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used. Assigned by: security-advisories@github.com (Primary)
References for CVE-2023-22466
- https://github.com/tokio-rs/tokio/releases/tag/tokio-1.23.1 : Release Tokio v1.23.1 · tokio-rs/tokio · GitHub (Release Notes; Third Party Advisory)
- https://github.com/tokio-rs/tokio/pull/5336 : net: fix named pipes server configuration builder by carllerche · Pull Request #5336 · tokio-rs/tokio · GitHub (Patch; Third Party Advisory)
- https://github.com/tokio-rs/tokio/security/advisories/GHSA-7rrj-xr53-82p7 : reject_remote_clients configuration may get dropped when creating a Windows named pipe · Advisory · tokio-rs/tokio · GitHub (Mitigation; Third Party Advisory)
- https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-createnamedpipea#pipe_reject_remote_clients : CreateNamedPipeA function (winbase.h) - Win32 apps | Microsoft Learn (Technical Description; Third Party Advisory)