Vulnerabilities > CVE-2022-27882 - Incorrect Conversion between Numeric Types vulnerability in Openbsd 6.9/7.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
slaacd in OpenBSD 6.9 and 7.0 before 2022-03-22 has an integer signedness error and resultant heap-based buffer overflow triggerable by a crafted IPv6 router advertisement. NOTE: privilege separation and pledge can prevent exploitation.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 2 |