CVE & CISA-KEV Catalog

CVE-2022-39260

HIGHEPSS 85th pctl
8.5
CVSS v3
NVD

Description

Git is an open source, scalable, distributed revision control system. `git shell` is a restricted login shell that can be used to implement Git's push/pull functionality via SSH. In versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4, the function that splits the command arguments into an array improperly uses an `int` to represent the number of entries in the array, allowing a malicious actor to intentionally overflow the return value, leading to arbitrary heap writes. Because the resulting array is then passed to `execv()`, it is possible to leverage this attack to gain remote code execution on a victim machine. Note that a victim must first allow access to `git shell` as a login shell in order to be vulnerable to this attack. This problem is patched in versions 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4 and users are advised to upgrade to the latest version. Disabling `git shell` access via remote logins is a viable short-term workaround.

How to fix

Remediation Available
gitDebian
Fixed in:1:2.30.2-1+deb11u1CVE-2022-39260
Fixed in:1:2.38.1-1CVE-2022-39260
Fixed in:1:2.38.1-1CVE-2022-39260
Fixed in:1:2.38.1-1CVE-2022-39260
gitRocky
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
gitRed Hat / RHEL
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
git-allRocky
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
git-allRed Hat / RHEL
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
git-coreRocky
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
git-coreRed Hat / RHEL
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
git-core-debuginfoRocky
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
git-core-debuginfoRed Hat / RHEL
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
git-core-docRocky
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
git-core-docRed Hat / RHEL
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
git-credential-libsecretRocky
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
git-credential-libsecretRed Hat / RHEL
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
git-credential-libsecret-debuginfoRocky
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
git-credential-libsecret-debuginfoRed Hat / RHEL
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
git-daemonRed Hat / RHEL
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
git-daemonRocky
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
git-daemon-debuginfoRed Hat / RHEL
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
git-daemon-debuginfoRocky
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
git-debuginfoRocky
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
git-debuginfoRed Hat / RHEL
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
git-debugsourceRocky
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
git-debugsourceRed Hat / RHEL
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
git-emailRocky
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
git-emailRed Hat / RHEL
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
git-guiRocky
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
git-guiRed Hat / RHEL
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
git-instawebRed Hat / RHEL
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
git-instawebRocky
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
git-subtreeRed Hat / RHEL
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
git-subtreeRocky
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
git-svnRed Hat / RHEL
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
git-svnRocky
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
gitkRed Hat / RHEL
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
gitkRocky
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
gitwebRed Hat / RHEL
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
gitwebRocky
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
perl-GitRocky
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
perl-GitRed Hat / RHEL
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
perl-Git-SVNRed Hat / RHEL
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
perl-Git-SVNRocky
Fixed in:0:2.39.1-1.el8RHSA-2023:2859
Fixed in:0:2.31.8-1.el8_6RHSA-2024:0407
Fixed in:0:2.39.1-1.el9RHSA-2023:2319
gitUbuntu
Fixed in:1:2.7.4-0ubuntu1.10+esm3USN-5686-2
Fixed in:1:2.17.1-1ubuntu0.13USN-5686-1
Fixed in:1:2.25.1-1ubuntu3.6USN-5686-1
Fixed in:1:2.34.1-1ubuntu1.5USN-5686-1
Fixed in:1:2.37.2-1ubuntu1.1USN-5686-3

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeChanged

Impact

ConfidentialityHigh
IntegrityHigh
AvailabilityHigh

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Exploit Intelligence

2.94%probability of exploitation in 30 days
85thpercentile

Elevated risk: more likely to be exploited than 85% of all known CVEs.

References

Related Vulnerabilities

Other CWE-122 (Heap-based Buffer Overflow) vulnerabilities, ordered by exploit likelihood. View all

CVESeverityCVSSEPSSExploitedFix
CVE-2015-3113Critical9.8100%KEVFix
CVE-2024-26256High7.888%-Fix
CVE-2020-25687Medium5.987%-Fix
CVE-2009-3459High8.886%KEVFix
CVE-2021-21017High8.886%KEV-
CVE-2020-25683Medium5.986%-Fix
Embed a live status badge for CVE-2022-39260
CVE-2022-39260 severity badge

Markdown

[![CVE-2022-39260](https://tridentstack.com/cve/badge/CVE-2022-39260.svg)](https://tridentstack.com/cve/CVE-2022-39260)

HTML

<a href="https://tridentstack.com/cve/CVE-2022-39260"><img src="https://tridentstack.com/cve/badge/CVE-2022-39260.svg" alt="CVE-2022-39260"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2024-11-21.