CVE-2022-27819

CVSS v3.1

5.3

Medium

Vector

AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:H

Name of the Vulnerable Software and Affected Versions SWHKD version 1.1.5

Description The issue is related to unsafe parsing via the -c option, which can lead to an information leak or a denial of service (memory exhaustion) when attempting to parse large or infinite files, such as block or character devices.

Recommendations For SWHKD version 1.1.5, consider disabling the use of the -c option until a patch is available to prevent potential memory exhaustion and information leaks. Restrict access to large or infinite files to minimize the risk of exploitation.

Fix

Resource Exhaustion

Allocation of Resources Without Limits

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-400CWE-770

Related Identifiers

BDU:2022-04427

CVE-2022-27819

GHSA-H6XW-MGHQ-7523

Affected Products

Swhkd

CVE-2022-27819

Weakness Enumeration

Related Identifiers

Affected Products

References · 12