CVE-2022-48620

CRITICAL

Troglobit Libeuv < 2.4.1 - Buffer Overflow

Title source: rule

STIX 2.1

Description

uev (aka libuev) before 2.4.1 has a buffer overflow in epoll_wait if maxevents is a large number.

References (10)

Core 10

Core References

Patch

https://github.com/troglobit/libuev/commit/2d9f1c9ce655cc38511aeeb6e95ac30914f7aec9

View Patch ZIP pw:eip

Release Notes

https://github.com/troglobit/libuev/compare/v2.4.0...v2.4.1

Issue Tracking

https://github.com/troglobit/libuev/issues/27

Mailing List

https://lists.debian.org/debian-lts-announce/2026/01/msg00026.html

Mailing List, Third Party Advisory vendor-advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2J4UB4KXWCCTZCE53B6SFIREZ57INK7T/

Mailing List, Third Party Advisory vendor-advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2XZESYGE6XDWAPFUOX26ZWJV2JWMMM5/

Mailing List, Third Party Advisory vendor-advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E6RLVLJGDKTEVJP446TFDANHB4LHRAOP/

Mailing List, Third Party Advisory

https://lists.fedoraproject.org/archives/list/[email protected]/message/2J4UB4KXWCCTZCE53B6SFIREZ57INK7T/

Mailing List, Third Party Advisory

https://lists.fedoraproject.org/archives/list/[email protected]/message/E6RLVLJGDKTEVJP446TFDANHB4LHRAOP/

Mailing List, Third Party Advisory

https://lists.fedoraproject.org/archives/list/[email protected]/message/P2XZESYGE6XDWAPFUOX26ZWJV2JWMMM5/

Scores

CVSS v3 9.8

EPSS 0.0106

EPSS Percentile 77.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-120

Status published

Products (1)

troglobit/libeuv < 2.4.1

Published Jan 12, 2024

Tracked Since Feb 18, 2026