Main Vulnerability Database Vulnerabilities #VU79499

#VU79499 Buffer overflow in hyperscan - CVE-2022-29486

Published: August 14, 2023

Vulnerability identifier: #VU79499

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2022-29486

CWE-ID: CWE-119

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
hyperscan

Software vendor:
Intel

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in src/compiler/compiler.cpp. A remote attacker can create a specially crafted file, trick the victim into using it during project compilation, trigger memory corruption and execute arbitrary code on the target system.

Remediation

Install updates from vendor's website.

External links

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00695.html
https://github.com/intel/hyperscan/commit/3070f11991cc2014685a28c0eaa1e033ffa8fe30

#VU79499 Buffer overflow in hyperscan - CVE-2022-29486

Description

Remediation

External links

Please verify you're human