Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
8.4
CVSSv3

CVE-2022-1117

Published: 29/08/2022 Updated: 12/02/2023
CVSS v3 Base Score: 8.4 | Impact Score: 5.9 | Exploitability Score: 2.5
VMScore: 0
Subscribe to Fapolicyd

Vulnerability Summary

A vulnerability was found in fapolicyd. The vulnerability occurs due to an assumption on how glibc names the runtime linker, a build time regular expression may not correctly detect the runtime linker. The consequence is that the pattern detection for applications launched by the run time linker may fail to detect the pattern and allow execution.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

fapolicyd project fapolicyd

Vendor Advisories

Red Hat: Moderate: fapolicyd security and bug fix update
Synopsis Moderate: fapolicyd security and bug fix update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for fapolicyd is now available for Red Hat Enterprise Linux 84 Extended Update SupportRed Hat Product Sec ...
Red Hat: Moderate: fapolicyd security, bug fix, and enhancement update
Synopsis Moderate: fapolicyd security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for fapolicyd is now available for Red Hat Enterprise Linux 8Red Hat Product Security has ra ...
Red Hat:
A vulnerability was found in fapolicyd The vulnerability occurs due to an assumption on how glibc names the runtime linker, a build time regular expression may not correctly detect the runtime linker The consequence is that the pattern detection for applications launched by the run time linker may fail to detect the pattern and allow execution ...

References

CWE-552https://bugzilla.redhat.com/show_bug.cgi?id=2068171https://access.redhat.com/security/cve/CVE-2022-1117https://bugzilla.redhat.com/show_bug.cgi?id=2066904https://github.com/linux-application-whitelisting/fapolicyd/commit/38a942613f93824c53164730b2b7a2f75b8cd263https://access.redhat.com/errata/RHSA-2022:4824https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367CVE-2024-35977CVE-2023-49335man-in-the-middleCVE-2024-4947CVE-2024-31714memory leakSQLCVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook