Published: 14/03/2022 Updated: 08/12/2022

CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 578

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Heap buffer overflow in Clickhouse's LZ4 compression codec when parsing a malicious query. There is no verification that the copy operations in the LZ4::decompressImpl loop and especially the arbitrary copy operation wildCopy<copy_amount>(op, ip, copy_end), don’t exceed the destination buffer’s limits. This issue is very similar to CVE-2021-43304, but the vulnerable copy operation is in a different wildCopy call.

Vulnerable Product	Search on Vulmon	Subscribe to Product
yandex clickhouse
debian debian linux 10.0

Debian Bug report logs - #1008216 clickhouse: Multiple CVEs in clickhouse - heap overflows and out of bounds reads in LZ4 compression (CVE-2021-42387 CVE-2021-42388 CVE-2021-43304 CVE-2021-43305) Package: src:clickhouse; Maintainer for src:clickhouse is Alexander GQ Gerasiov <gq@debianorg>; Reported by: Neil Williams <cod ...

CWE-787 https://jfrog.com/blog/7-rce-and-dos-vulnerabilities-found-in-clickhouse-dbms https://lists.debian.org/debian-lts-announce/2022/11/msg00002.html https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1008216 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2021-43305

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect