Home > Vulnerability Database > CVE-2024-22857

Mend.io Vulnerability Database

CVE-2024-22857

Date: March 6, 2024

Heap based buffer flow in zlog v1.1.0 to v1.2.17 in zlog_rule_new().The size of record_name is MAXLEN_PATH(1024) + 1 but file_path may have data upto MAXLEN_CFG_LINE(MAXLEN_PATH*4) + 1. So a check was missing in zlog_rule_new() while copying the record_name from file_path + 1 which caused the buffer overflow. An attacker can exploit this vulnerability to overwrite the zlog_record_fn record_func function pointer to get arbitrary code execution or potentially cause remote code execution (RCE).

Language: C

Severity Score

9.8

Related Resources (9)

Url: https://github.com/HardySimpson/zlog/commit/c47f781a9f1e9604f5201e27d046d925d0d48ac4

Url: https://nvd.nist.gov/vuln/detail/CVE-2024-22857

Url: https://github.com/HardySimpson/zlog/pull/251

Url: https://github.com/HardySimpson/zlog/blob/1a7b1a6fb956b92a4079ccc91f30da21f34ca063/src/rule.h#L30

Url: https://www.cybersecurity-help.cz/vdb/SB2024022842

Url: https://github.com/HardySimpson/zlog/

Url: https://www.ebryx.com/blogs/arbitrary-code-execution-in-zlog-cve-2024-22857

Url: https://seclists.org/oss-sec/2024/q1/175

Url: https://www.mend.io/vulnerability-database/CVE-2024-22857

Severity Score

9.8

Weakness Type (CWE)

Heap-based Buffer Overflow

CWE-122

CVSS v3.1

Base Score:	9.8
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2024-22857

Date: March 6, 2024

Language: C

Severity Score

Related Resources (9)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?