all InfoSec news
Security Advisory for FreeBSD Ping Stack-Based Overflow CVE-2022-23093
Dec. 10, 2022, 1:19 a.m. | Jithin Nair
Security Boulevard securityboulevard.com
Background
On Dec 01, 2022, a stack overflow vulnerability CVE-2022-23093 was found in the FreeBSD operating system (all supported versions) ping utility. The issue is a buffer overflow vulnerability affecting the “pr_pack()” function in ping(8). The flaw can be leveraged to cause a stack overflow, which could lead to a crash or trigger remote code execution in ping.
What is the issue?
The following vulnerability details were published in the FreeBSD security advisory
Ping reads raw IP packets from the …
advisory cve cve-2022-23093 freebsd overflow ping security security advisory
More from securityboulevard.com / Security Boulevard
Jobs in InfoSec / Cybersecurity
Azure DevSecOps Cloud Engineer II
@ Prudent Technology | McLean, VA, USA
Security Engineer III - Python, AWS
@ JPMorgan Chase & Co. | Bengaluru, Karnataka, India
SOC Analyst (Threat Hunter)
@ NCS | Singapore, Singapore
Managed Services Information Security Manager
@ NTT DATA | Sydney, Australia
Senior Security Engineer (Remote)
@ Mattermost | United Kingdom
Penetration Tester (Part Time & Remote)
@ TestPros | United States - Remote