CVE-2022-1304
CVE Details
Visit the official vulnerability details page for CVE-2022-1304 to learn more.
Initial Publication
11/13/2024
Last Update
12/12/2024
Third Party Dependency
e2fsprogs
NIST CVE Summary
An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.
CVE Severity
Our Official Summary
This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem. So the attacker needs to gain privileged access to the cluster to attempt this exploit. Also the containers do not allow execution of arbitrary code. Impact of this exploit is also low, since container reduces the attack surface.
Status
Ongoing
Affected Products & Versions
| Version | Palette Enterprise | Palette Enterprise Airgap | VerteX | VerteX Airgap |
|---|---|---|---|---|
| 4.4.20 | ⚠️ Impacted | ✅ No Impact | ⚠️ Impacted | ✅ No Impact |
Revision History
| Date | Revision |
|---|---|
| 12/12/2024 | Official summary added |