← Back

CVE-2022-28656

nvd nist
Published: Jun 4, 2024Modified: Mar 19, 2025

JSON object

Loading...
5.5
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Exploitability: 1.8 / Impact: 3.6
Source: NVD

Description

is_closing_session() allows users to consume RAM in the Apport process

Affected (5)

Apport Project
1 product
Apport
Canonical
1 product
Ubuntu Linux
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Apport
Before 2.21.0
Configuration B
4 vulnerable
Vulnerable SoftwareAffected Versions
Canonical
Ubuntu Linux
Version 18.04
Ubuntu Linux
Version 20.04
Ubuntu Linux
Version 21.10
Ubuntu Linux
Version 22.04

Related CWEs

CWE-770
Allocation of Resources Without Limits or Throttling
The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.

References (4)

Source: security@ubuntu.com
Third Party Advisory
Source: security@ubuntu.com
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

Timeline

No history available yet.