CVE-2022-29503

A memory corruption vulnerability exists in the libpthread linuxthreads functionality of uClibC 0.9.33.2 and uClibC-ng 1.0.40. Thread allocation can lead to memory corruption. An attacker can create threads to trigger this vulnerability.
Configurations

Configuration 1 (hide)

cpe:2.3:a:uclibc:uclibc:0.9.33.2:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:uclibc-ng_project:uclibc-ng:1.0.40:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:anker:eufy_homebase_2_firmware:2.1.8.8h:*:*:*:*:*:*:*
cpe:2.3:h:anker:eufy_homebase_2:-:*:*:*:*:*:*:*

History

21 Nov 2024, 06:59

Type Values Removed Values Added
References () https://talosintelligence.com/vulnerability_reports/TALOS-2022-1517 - Exploit, Third Party Advisory () https://talosintelligence.com/vulnerability_reports/TALOS-2022-1517 - Exploit, Third Party Advisory

28 Jun 2023, 20:35

Type Values Removed Values Added
CWE CWE-119 CWE-770

Information

Published : 2022-09-29 17:15

Updated : 2024-11-21 06:59


NVD link : CVE-2022-29503

Mitre link : CVE-2022-29503

CVE.ORG link : CVE-2022-29503


JSON object : View

Products Affected

uclibc-ng_project

  • uclibc-ng

uclibc

  • uclibc

anker

  • eufy_homebase_2
  • eufy_homebase_2_firmware
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE-770

Allocation of Resources Without Limits or Throttling