PT-2022-20051 · Squirrel+1 · Squirrel+1
Alexander Zhdanov
+7
·
Published
2022-05-02
·
Updated
2022-12-09
·
CVE-2022-30292
CVSS v3.1
10
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
SQUIRREL version 3.2
Description
The issue is a heap-based buffer overflow in sqbaselib.cpp due to the lack of a certain
sq reservestack call. This occurs in the thread call function. There is no information provided about the estimated number of potentially affected devices worldwide or details about real-world incidents where this issue was exploited.Recommendations
For SQUIRREL version 3.2, consider disabling the
thread call function in sqbaselib.cpp until a patch is available, as it lacks a certain sq reservestack call. At the moment, there is no information about a newer version that contains a fix for this vulnerability.Exploit
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Debian
Squirrel