Home

CVE-2022-33070

Description

Protobuf-c v1.4.0 was discovered to contain an invalid arithmetic shift via the function parse_tag_and_wiretype in protobuf-c/protobuf-c.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via unspecified vectors.

Risk Information

Base Score
5.5
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.091

Associated Vulnerability

VulnerabilityOS Platform
Protocol Buffers C static library and headers (protobuf-c) (USN-5531-1) protobuf-c-compiler_1.3.3-1ubuntu0.1_i386.debLinux
Protocol Buffers C static library and headers (protobuf-c) (USN-5531-1) protobuf-c-compiler_1.3.3-1ubuntu0.1_amd64.debLinux
Protocol Buffers C static library and headers (protobuf-c) (USN-5531-1) protobuf-c-compiler_1.3.3-1ubuntu2.1_i386.debLinux
Protocol Buffers C static library and headers (protobuf-c) (USN-5531-1) protobuf-c-compiler_1.3.3-1ubuntu2.1_amd64.debLinux
Provide limited super user privileges to specific users (USN-5811-1) sudo_1.9.9-1ubuntu2.2_i386.debLinux
Provide limited super user privileges to specific users (USN-5811-1) sudo_1.9.9-1ubuntu2.2_amd64.debLinux
Provide limited super user privileges to specific users (USN-5811-1) sudo_1.8.31-1ubuntu1.4_i386.debLinux
Provide limited super user privileges to specific users (USN-5811-1) sudo_1.8.31-1ubuntu1.4_amd64.debLinux
Provide limited super user privileges to specific users (USN-5811-1) sudo_1.8.21p2-3ubuntu1.5_i386.debLinux
Provide limited super user privileges to specific users (USN-5811-1) sudo_1.8.21p2-3ubuntu1.5_amd64.debLinux
Provide limited super user privileges to specific users (USN-5811-1) sudo_1.9.11p3-1ubuntu1.1_i386.debLinux
Provide limited super user privileges to specific users (USN-5811-1) sudo_1.9.11p3-1ubuntu1.1_amd64.debLinux
Provide limited super user privileges to specific users (USN-5811-1) sudo-ldap_1.9.9-1ubuntu2.2_i386.debLinux
Provide limited super user privileges to specific users (USN-5811-1) sudo-ldap_1.9.9-1ubuntu2.2_amd64.debLinux
Provide limited super user privileges to specific users (USN-5811-1) sudo-ldap_1.8.31-1ubuntu1.4_i386.debLinux
Provide limited super user privileges to specific users (USN-5811-1) sudo-ldap_1.8.31-1ubuntu1.4_amd64.debLinux
Provide limited super user privileges to specific users (USN-5811-1) sudo-ldap_1.8.21p2-3ubuntu1.5_i386.debLinux
Provide limited super user privileges to specific users (USN-5811-1) sudo-ldap_1.8.21p2-3ubuntu1.5_amd64.debLinux
Provide limited super user privileges to specific users (USN-5811-1) sudo-ldap_1.9.11p3-1ubuntu1.1_i386.debLinux
Provide limited super user privileges to specific users (USN-5811-1) sudo-ldap_1.9.11p3-1ubuntu1.1_amd64.debLinux
protobuf-c Security Update (ALAS-2023-086) protobuf-c-1.4.1-2.amzn2023.0.2.x86_64.rpmLinux
protobuf-c Security Update (ALAS-2023-086) protobuf-c-devel-1.4.1-2.amzn2023.0.2.x86_64.rpmLinux
protobuf-c Security Update (ALAS-2023-086) protobuf-c-compiler-1.4.1-2.amzn2023.0.2.x86_64.rpmLinux
protobuf-c Security Update (ALAS-2024-2619) protobuf-c-devel-1.0.2-3.amzn2.0.3.x86_64.rpmLinux
protobuf-c Security Update (ALAS-2024-2619) protobuf-c-compiler-1.0.2-3.amzn2.0.3.x86_64.rpmLinux
protobuf-c Security Update (ALAS-2024-2619) protobuf-c-1.0.2-3.amzn2.0.3.i686.rpmLinux
protobuf-c Security Update (ALAS-2024-2619) protobuf-c-1.0.2-3.amzn2.0.3.x86_64.rpmLinux
protobuf-c Security Update (ALAS2-2024-2619) protobuf-c-1.0.2-3.amzn2.0.3.x86_64.rpmLinux
protobuf-c Security Update (ALAS2-2024-2619) protobuf-c-1.0.2-3.amzn2.0.3.i686.rpmLinux
protobuf-c Security Update (ALAS2-2024-2619) protobuf-c-compiler-1.0.2-3.amzn2.0.3.x86_64.rpmLinux
protobuf-c Security Update (ALAS2-2024-2619) protobuf-c-devel-1.0.2-3.amzn2.0.3.x86_64.rpmLinux
protobuf-c Security Update (ALAS2023-2023-086) protobuf-c-1.4.1-2.amzn2023.0.2.x86_64.rpmLinux
protobuf-c Security Update (ALAS2023-2023-086) protobuf-c-compiler-1.4.1-2.amzn2023.0.2.x86_64.rpmLinux
protobuf-c Security Update (ALAS2023-2023-086) protobuf-c-devel-1.4.1-2.amzn2023.0.2.x86_64.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234