Vulnerabilities > CVE-2022-34038 - Out-of-bounds Write vulnerability in Etcd 3.5.4

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

etcd

CWE-787

NVD

Published: 2023-08-22

Updated: 2024-04-11

Summary

Etcd v3.5.4 allows remote attackers to cause a denial of service via function PageWriter.write in pagewriter.go. NOTE: the vendor's position is that this is not a vulnerability.

Vulnerable Configurations

Part	Description	Count
Application	Etcd Etcd Etcd 3.5.4	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://github.com/etcd-io/etcd/pull/14022
https://github.com/etcd-io/etcd/pull/14452
https://go-review.googlesource.com/c/vulndb/+/524456/2/data/excluded/GO-2023-2016.yaml
https://github.com/golang/vulndb/issues/2016#issuecomment-1698677762
https://go-review.googlesource.com/c/vulndb/+/524456