CVE-2022-38223

NameCVE-2022-38223
DescriptionThere is an out-of-bounds write in checkType located in etc.c in w3m 0.5.3. It can be triggered by sending a crafted HTML file to the w3m binary. It allows an attacker to cause Denial of Service or possibly have unspecified other impact.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDLA-3541-1
Debian Bugs1019599

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
w3m (PTS)buster0.5.3-37vulnerable
buster (security)0.5.3-37+deb10u1fixed
bullseye0.5.3+git20210102-6+deb11u1fixed
trixie, bookworm, sid0.5.3+git20230121-2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
w3msourcebuster0.5.3-37+deb10u1DLA-3541-1
w3msourcebullseye0.5.3+git20210102-6+deb11u1
w3msource(unstable)0.5.3+git20230121-11019599

Notes

https://github.com/tats/w3m/issues/242
Initial fix: https://github.com/tats/w3m/commit/419ca82d57c72242817b55e2eaa4cdbf6916e7fa
Follow-up fix: https://github.com/tats/w3m/commit/25fb402cea405b263466c627f32513d186a38ade

Search for package or bug name: Reporting problems