Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2022-40320

cfg_tilde_expand in confuse.c in libConfuse 3.3 has a heap-based buffer over-read. (CVE-2022-40320)

Source

ALAS-2023-1692

Amazon Linux AMI Security Advisory: ALAS-2023-1692
Advisory Release Date: 2023-02-17 00:02 Pacific
Advisory Updated Date: 2023-02-23 01:34 Pacific

Severity: Important

References: CVE-2022-40320
FAQs regarding Amazon Linux ALAS/CVE Severity

Issue Overview:

cfg_tilde_expand in confuse.c in libConfuse 3.3 has a heap-based buffer over-read. (CVE-2022-40320)

Affected Packages:

libconfuse

Issue Correction:
Run yum update libconfuse to update your system.

New Packages:

i686:
    libconfuse-2.7-4.4.amzn1.i686
    libconfuse-debuginfo-2.7-4.4.amzn1.i686
    libconfuse-devel-2.7-4.4.amzn1.i686

src:
    libconfuse-2.7-4.4.amzn1.src

x86_64:
    libconfuse-devel-2.7-4.4.amzn1.x86_64
    libconfuse-debuginfo-2.7-4.4.amzn1.x86_64
    libconfuse-2.7-4.4.amzn1.x86_64

Additional References

Red Hat: CVE-2022-40320

Mitre: CVE-2022-40320

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

ALAS-2023-1692

ALAS-2023-1692

Additional References

Vulmon Search

About

Products

Connect