CVE-2022-2120

NameCVE-2022-2120
DescriptionOFFIS DCMTK's (All versions prior to 3.6.7) service class user (SCU) is vulnerable to relative path traversal, allowing an attacker to write DICOM files into arbitrary directories under controlled names. This could allow remote code execution.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub advisories/code/issues, web search, more)
Debian Bugs1017743

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
dcmtk (PTS)buster3.6.4-2.1vulnerable
bullseye3.6.5-1vulnerable
bookworm, sid3.6.7-8fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
dcmtksource(unstable)3.6.7-61017743

Notes

[bullseye] - dcmtk <no-dsa> (Minor issue)
[buster] - dcmtk <no-dsa> (Minor issue)
https://support.dcmtk.org/redmine/issues/1021
Fixed by: https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=f06a867513524664a1b03dfcf812d8b60fdd02cc
Search for package or bug name: Reporting problems