Launchpad CVE tracker

CVE 2022-37454

The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface.

Related bugs and status

CVE-2022-37454 (Candidate) is related to these bugs:

Bug #1995197: Vulnerable to CVE 2022-37454 (SHA-3 buffer overflow)

		In	Importance	Status
1995197	Vulnerable to CVE 2022-37454 (SHA-3 buffer overflow)	pypy3 (Ubuntu)	Undecided	Fix Released
1995197	Vulnerable to CVE 2022-37454 (SHA-3 buffer overflow)	python3.6 (Ubuntu)	Undecided	Invalid
1995197	Vulnerable to CVE 2022-37454 (SHA-3 buffer overflow)	python3.7 (Ubuntu)	Undecided	Invalid
1995197	Vulnerable to CVE 2022-37454 (SHA-3 buffer overflow)	python3.8 (Ubuntu)	Undecided	Invalid
1995197	Vulnerable to CVE 2022-37454 (SHA-3 buffer overflow)	pypy3 (Ubuntu Focal)	Undecided	In Progress
1995197	Vulnerable to CVE 2022-37454 (SHA-3 buffer overflow)	pysha3 (Ubuntu Focal)	Undecided	In Progress
1995197	Vulnerable to CVE 2022-37454 (SHA-3 buffer overflow)	python3.6 (Ubuntu Focal)	Undecided	Invalid
1995197	Vulnerable to CVE 2022-37454 (SHA-3 buffer overflow)	python3.7 (Ubuntu Focal)	Undecided	Invalid
1995197	Vulnerable to CVE 2022-37454 (SHA-3 buffer overflow)	python3.8 (Ubuntu Focal)	Undecided	New
1995197	Vulnerable to CVE 2022-37454 (SHA-3 buffer overflow)	pypy3 (Ubuntu Jammy)	Undecided	In Progress
1995197	Vulnerable to CVE 2022-37454 (SHA-3 buffer overflow)	pysha3 (Ubuntu Jammy)	Undecided	In Progress
1995197	Vulnerable to CVE 2022-37454 (SHA-3 buffer overflow)	python3.6 (Ubuntu Jammy)	Undecided	Invalid
1995197	Vulnerable to CVE 2022-37454 (SHA-3 buffer overflow)	python3.7 (Ubuntu Jammy)	Undecided	Invalid
1995197	Vulnerable to CVE 2022-37454 (SHA-3 buffer overflow)	python3.8 (Ubuntu Jammy)	Undecided	Invalid
1995197	Vulnerable to CVE 2022-37454 (SHA-3 buffer overflow)	pypy3 (Ubuntu Kinetic)	Undecided	Won't Fix
1995197	Vulnerable to CVE 2022-37454 (SHA-3 buffer overflow)	pysha3 (Ubuntu Kinetic)	Undecided	Won't Fix
1995197	Vulnerable to CVE 2022-37454 (SHA-3 buffer overflow)	python3.6 (Ubuntu Kinetic)	Undecided	Invalid
1995197	Vulnerable to CVE 2022-37454 (SHA-3 buffer overflow)	python3.7 (Ubuntu Kinetic)	Undecided	Invalid
1995197	Vulnerable to CVE 2022-37454 (SHA-3 buffer overflow)	python3.8 (Ubuntu Kinetic)	Undecided	Invalid
1995197	Vulnerable to CVE 2022-37454 (SHA-3 buffer overflow)	pypy3 (Ubuntu Bionic)	Undecided	Invalid
1995197	Vulnerable to CVE 2022-37454 (SHA-3 buffer overflow)	pysha3 (Ubuntu Bionic)	Undecided	In Progress
1995197	Vulnerable to CVE 2022-37454 (SHA-3 buffer overflow)	python3.6 (Ubuntu Bionic)	Undecided	Fix Released
1995197	Vulnerable to CVE 2022-37454 (SHA-3 buffer overflow)	python3.7 (Ubuntu Bionic)	Undecided	New
1995197	Vulnerable to CVE 2022-37454 (SHA-3 buffer overflow)	python3.8 (Ubuntu Bionic)	Undecided	New
1995197	Vulnerable to CVE 2022-37454 (SHA-3 buffer overflow)	pypy3 (Ubuntu Lunar)	Undecided	Fix Released
1995197	Vulnerable to CVE 2022-37454 (SHA-3 buffer overflow)	python3.6 (Ubuntu Lunar)	Undecided	Invalid
1995197	Vulnerable to CVE 2022-37454 (SHA-3 buffer overflow)	python3.7 (Ubuntu Lunar)	Undecided	Invalid
1995197	Vulnerable to CVE 2022-37454 (SHA-3 buffer overflow)	python3.8 (Ubuntu Lunar)	Undecided	Invalid

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2022-37454

References