{
  "threat_severity" : "Moderate",
  "public_date" : "2022-07-17T00:00:00Z",
  "bugzilla" : {
    "description" : "zstd: mysql: buffer overrun in util.c",
    "id" : "2179864",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2179864"
  },
  "cvss3" : {
    "cvss3_base_score" : "7.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-400",
  "details" : [ "A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun.", "A vulnerability was found in zstd. This flaw allows an attacker to supply an empty string as an argument to the command line tool to cause a buffer overrun." ],
  "statement" : "The vulnerability in the zstd command-line utility is rated as Moderate Severity because it involves an Incorrect Calculation of Buffer Size (CWE-400) within the mallocAndJoin2Dir function in programs/util.c. A remote attacker can exploit this flaw by providing an input, specifically an empty string, which causes a function boundary error and results in a heap-based Out-of-Bounds Read on memory. This ultimately leads to a program crash, causing a Denial of Service condition that is limited to the specific zstd process or service instance, rather than affecting the entire host system's stability.",
  "affected_release" : [ {
    "product_name" : "Red Hat AMQ Streams 2.7.0",
    "release_date" : "2024-05-30T00:00:00Z",
    "advisory" : "RHSA-2024:3527",
    "cpe" : "cpe:/a:redhat:amq_streams:2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2024-02-20T00:00:00Z",
    "advisory" : "RHSA-2024:0894",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8",
    "package" : "mysql:8.0-8090020240126173013.a75119d5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2024-03-05T00:00:00Z",
    "advisory" : "RHSA-2024:1141",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "mysql-0:8.0.36-1.el9_3"
  }, {
    "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7",
    "release_date" : "2024-04-30T00:00:00Z",
    "advisory" : "RHSA-2024:2619",
    "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7",
    "package" : "rh-mysql80-mysql-0:8.0.36-1.el7"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "mysql",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Will not fix",
    "package_name" : "zstd",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Not affected",
    "package_name" : "zstd",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2022-4899\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-4899" ],
  "name" : "CVE-2022-4899",
  "csaw" : false
}