How severe is CVE-2022-24048?

This vulnerability has a severity rating of HIGH with a CVSS score of 7 out of 10.

What type of vulnerability is CVE-2022-24048?

This is classified as CWE-121, which is a common weakness in software security.

CVE-2022-24048 - HIGH Severity | CVSS 7

Vulnerability Description

MariaDB CONNECT Storage Engine Stack-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16191.

Related Vulnerabilities

CVE-2018-1046

HIGH

CVSS:7.0(High)

pdns before version 4.1.2 is vulnerable to a buffer overflow in dnsreplay. In the dnsreplay tool provided with PowerDNS Authoritative, replaying a specially crafted PCAP file can trigger a stack-based...

CWE-1212018

CVE-2018-14633

HIGH

CVSS:7.0(High)

A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthentic...

CWE-1212018

CVE-2024-38246

HIGH

CVSS:7.0(High)

Win32k Elevation of Privilege Vulnerability

CWE-1212024

CVE-2024-39556

HIGH

CVSS:7.0(High)

A Stack-Based Buffer Overflow vulnerability in Juniper Networks Junos OS and Juniper Networks Junos OS Evolved may allow a local, low-privileged attacker with access to the CLI the ability to load a m...

CWE-1212024

CVE-2024-55577

HIGH

CVSS:7.0(High)

Stack-based buffer overflow vulnerability exists in Linux Ratfor 1.06 and earlier. When the software processes a file which is specially crafted by an attacker, arbitrary code may be executed. As a re...

CWE-1212024

CVE-2024-7547

HIGH

CVSS:7.0(High)

oFono SMS Decoder Stack-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker mu...

CWE-1212024