Vulnerabilities > CVE-2022-27882 - Incorrect Conversion between Numeric Types vulnerability in Openbsd 6.9/7.0

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

openbsd

CWE-681

NVD

Published: 2022-03-25

Updated: 2022-05-12

Summary

slaacd in OpenBSD 6.9 and 7.0 before 2022-03-22 has an integer signedness error and resultant heap-based buffer overflow triggerable by a crafted IPv6 router advertisement. NOTE: privilege separation and pledge can prevent exploitation.

Vulnerable Configurations

Part	Description	Count
OS	Openbsd Openbsd Openbsd 6.9 Openbsd Openbsd 7.0	2

Common Weakness Enumeration (CWE)

CWE-681 - Incorrect Conversion between Numeric Types

References

https://blog.quarkslab.com/heap-overflow-in-openbsds-slaacd-via-router-advertisement.html
https://ftp.openbsd.org/pub/OpenBSD/patches/7.0/common/017_slaacd.patch.sig
https://ftp.openbsd.org/pub/OpenBSD/patches/6.9/common/033_slaacd.patch.sig
https://security.netapp.com/advisory/ntap-20220506-0005/