| Name | CVE-2022-22721 |
| Description | If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier. |
| Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
| References | DLA-2960-1 |
Vulnerable and fixed packages
The table below lists information on source packages.
| Source Package | Release | Version | Status |
|---|
| apache2 (PTS) | buster | 2.4.38-3+deb10u8 | fixed |
| buster (security) | 2.4.38-3+deb10u10 | fixed |
| bullseye | 2.4.56-1~deb11u2 | fixed |
| bullseye (security) | 2.4.56-1~deb11u1 | fixed |
| bookworm | 2.4.57-2 | fixed |
| sid, trixie | 2.4.57-3 | fixed |
The information below is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|
| apache2 | source | stretch | 2.4.25-3+deb9u13 | | DLA-2960-1 | |
| apache2 | source | buster | 2.4.38-3+deb10u8 | | | |
| apache2 | source | bullseye | 2.4.53-1~deb11u1 | | | |
| apache2 | source | (unstable) | 2.4.53-1 | | | |
Notes
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-22721
Fixed by: https://svn.apache.org/r1898693