{"vulnerability": "CVE-2022-2309", "sightings": [{"uuid": "c6ba45a0-8060-4f0d-8fb1-7dc932f7fd5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-2309", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0287/", "content": "", "creation_timestamp": "2026-03-13T00:00:00.000000Z"}, {"uuid": "8fa73471-7daa-422b-8810-eee1d3db86fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23090", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9509", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-23090\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The aio_aqueue function, used by the lio_listio system call, fails to release a reference to a credential in an error case.\n\nAn attacker may cause the reference count to overflow, leading to a use after free (UAF).\n\ud83d\udccf Published: 2024-02-15T05:09:27.389Z\n\ud83d\udccf Modified: 2025-03-28T23:57:52.965Z\n\ud83d\udd17 References:\n1. https://security.freebsd.org/advisories/FreeBSD-SA-22:10.aio.asc\n2. https://security.netapp.com/advisory/ntap-20240415-0007/", "creation_timestamp": "2025-03-29T00:28:33.000000Z"}, {"uuid": "516356a2-b698-40c5-9e4f-c37f4ecd7670", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23093", "type": "seen", "source": "https://t.me/habr_com_news/12741", "content": "\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 FreeBSD \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u044d\u043a\u0441\u0442\u0440\u0435\u043d\u043d\u044b\u0439 \u043f\u0430\u0442\u0447 \u043f\u0440\u043e\u0442\u0438\u0432 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u0443\u0442\u0438\u043b\u0438\u0442\u0435 ping. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 CVE-2022-23093 (\u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u043e\u0446\u0435\u043d\u043e\u043a CVSS \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0446\u0435\u043d\u0435\u043d\u0430 \u0432 9,8 \u0431\u0430\u043b\u043b\u0430 \u2014 \u0432\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u0440\u0438\u0441\u043a\u0430) \u0438 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u043c\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 root \u043f\u0440\u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0435 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e ping \u0432\u043d\u0435\u0448\u043d\u0435\u0433\u043e \u0445\u043e\u0441\u0442\u0430, \u043f\u043e\u0434\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443. \u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0430\u0433\u0430 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0432 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u0445 FreeBSD 13.1-RELEASE-p5, 12.4-RC2-p2 \u0438 12.3-RELEASE-p10.\n\n#FreeBSD #\u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c", "creation_timestamp": "2022-12-05T19:50:05.000000Z"}, {"uuid": "3bda14ef-10d1-42fa-b5d8-ea1038ae9684", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23093", "type": "seen", "source": "https://t.me/habr_com_news/12937", "content": "\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u043f\u0440\u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0435 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0443\u0442\u0438\u043b\u0438\u0442\u044b ping \u043d\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2022-23093 \u0432 OpenBSD \u043d\u0435 \u0432\u044b\u044f\u0432\u0438\u043b\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0440\u0430\u043d\u0435\u0435 \u0431\u044b\u043b\u0438 \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u0432\u043e FreeBSD, \u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0431\u0430\u0433, \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0439 \u0432 \u043a\u043e\u0434\u0435 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u0433\u043e \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430 \u0441 1998 \u0433\u043e\u0434\u0430.\n\n#\u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c", "creation_timestamp": "2022-12-12T07:39:12.000000Z"}, {"uuid": "fa006158-5901-4511-9012-5bca9b8f9eee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23093", "type": "published-proof-of-concept", "source": "https://t.me/malwar3s/34", "content": "https://github.com/Inplex-sys/CVE-2022-23093", "creation_timestamp": "2023-03-07T18:12:54.000000Z"}, {"uuid": "d403ba56-ecc5-452d-8abc-3fe58ac87fac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23093", "type": "published-proof-of-concept", "source": "https://t.me/TopCyberTechNews/208", "content": "Top Security News for 10/12/2022\n\nCobalt Mirage's Dokbk malware. Zombinder in the C2C market. Relief-themed impersonation scams.\nhttps://thecyberwire.com/newsletters/daily-briefing/11/235 \n\nEpic Games introduces safer accounts for kids\nhttps://www.malwarebytes.com/blog/news/2022/12/epic-games-places-child-accounts-into-a-security-cabinet \n\nCybersecurity during the World Cup.\nhttps://thecyberwire.com/podcasts/research-saturday/261/notes \n\nWhy is Robust API Security Crucial in eCommerce?\nhttps://thehackernews.com/2022/12/why-is-robust-api-security-crucial-in.html \n\nThis week's activities in cyber gangland. Trends in ransomware. Rackspace works to remediate a ransomware incident.\nhttps://thecyberwire.com/newsletters/week-that-was/6/48 \n\nResearchers Detail New Attack Method to Bypass Popular Web Application Firewalls\nhttps://thehackernews.com/2022/12/researchers-detail-new-attack-method-to.html \n\nPwn2Own Toronto 2022 Day 3: Participants earned nearly $1 million\nhttps://securityaffairs.co/wordpress/139462/hacking/pwn2own-toronto-2022-day-3-participants-earned-nearly-1-million.html \n\nEU court orders Google to remove false search results. Australia\u2019s strategy for awakening from its cyber slumber. Netherlands to join US in Chinese tech export ban.\nhttps://thecyberwire.com/newsletters/policy-briefing/4/235 \n\nSecurity Advisory for FreeBSD Ping Stack-Based Overflow CVE-2022-23093\nhttps://malware.news/t/security-advisory-for-freebsd-ping-stack-based-overflow-cve-2022-23093/65633#post_1 \n\nMike Hamilton, former CISO of Seattle discusses how $1 billion for cybersecurity funding will be difficult to distribute to state and local governments.\nhttps://thecyberwire.com/podcasts/interview-selects/138/notes \n\n    \nFollow Top Cyber News at https://t.me/TopCyberTechNews\nFeel free to DM me at https://twitter.com/ShayaFeedman", "creation_timestamp": "2022-12-10T08:00:05.000000Z"}, {"uuid": "dc29238e-3d78-43e9-90be-93b0c9783b18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23093", "type": "seen", "source": "https://t.me/ctinow/80738", "content": "Security Advisory for FreeBSD Ping Stack-Based Overflow CVE-2022-23093\n\nhttps://ift.tt/i9Az3rY", "creation_timestamp": "2022-12-10T09:33:46.000000Z"}, {"uuid": "bca006f7-f5fe-4363-a924-286e481d8a85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23093", "type": "seen", "source": "https://t.me/proxy_bar/1196", "content": "RCE root-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0443\u0442\u0438\u043b\u0438\u0442\u0435 ping, \u043f\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u043c\u043e\u0439 \u0432\u043e FreeBSD\nCVE-2022-23093\nread", "creation_timestamp": "2022-12-01T09:40:55.000000Z"}, {"uuid": "98c8e20a-b444-48fa-8696-8eea1fac8e62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23093", "type": "published-proof-of-concept", "source": "Telegram/LpzsM0K-K1sFpFetTs8XoWRrnxqLtFNKgChaFnoR4c2tspU", "content": "", "creation_timestamp": "2022-12-01T09:33:40.000000Z"}, {"uuid": "dae28caf-5047-4319-b586-c86c00d65c80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23090", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/445", "content": "CVE-2022-23090 : FreeBSD 11.0-13.0 LPE via aio_aqueue Kernel Refcount Bug \nhttps://accessvector.net/2022/freebsd-aio-lpe", "creation_timestamp": "2022-08-30T06:30:14.000000Z"}, {"uuid": "8882ef3f-5db3-4cd3-930f-e913bd2968c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23093", "type": "seen", "source": "https://t.me/crackcodes/1624", "content": "#exploit\n1. Grafana RCE via SMTP server parameter injection\nhttps://hackerone.com/reports/1200647\n\n2. CVE-2022-23093:\nFreeBSD Ping RCE\nhttps://www.freebsd.org/security/advisories/FreeBSD-SA-22:15.ping.asc\n\n3. CVE-2022-34669:\nNVidia GPU Display Driver Vulnerablities\nhttps://nvidia.custhelp.com/app/answers/detail/a_id/5415", "creation_timestamp": "2022-12-06T04:04:16.000000Z"}, {"uuid": "1bfdd1ad-bca7-4df2-a961-4f98c1e521d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23093", "type": "seen", "source": "https://t.me/true_secator/3787", "content": "\u0421\u0442\u0430\u0440\u044b\u0439 \u0431\u0435\u0437\u043e\u0431\u0438\u0434\u043d\u044b\u0439 ping \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0437\u0430\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u0443 FreeBSD.\n\n\u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u0430\u043c\u0438 \u043f\u043e \u0441\u043e\u043f\u0440\u043e\u0432\u043e\u0436\u0434\u0435\u043d\u0438\u044e \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b FreeBSD \u0432 \u0443\u0442\u0438\u043b\u0438\u0442\u0435 ping \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u043e\u0448\u0438\u0431\u043a\u0430 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a CVE-2022-23093.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u043c\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 root \u043f\u0440\u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0435 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e ping \u0432\u043d\u0435\u0448\u043d\u0435\u0433\u043e \u0445\u043e\u0441\u0442\u0430, \u043f\u043e\u0434\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443. \u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0443\u0436\u0435 \u043f\u0440\u0435\u0434\u043b\u043e\u0436\u0435\u043d\u043e \u0432 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u0445 FreeBSD 13.1-RELEASE-p5, 12.4-RC2-p2 \u0438 12.3-RELEASE-p10.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043a\u043e\u0434\u0435, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u043c \u0432 \u0443\u0442\u0438\u043b\u0438\u0442\u0435 ping \u0434\u043b\u044f \u0440\u0430\u0437\u0431\u043e\u0440\u0430 ICMP-\u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0439, \u043f\u0440\u0438\u0445\u043e\u0434\u044f\u0449\u0438\u0445 \u0432 \u043e\u0442\u0432\u0435\u0442 \u043d\u0430 \u043f\u0440\u043e\u0432\u0435\u0440\u043e\u0447\u043d\u044b\u0439 \u0437\u0430\u043f\u0440\u043e\u0441.\n\n\u041a\u043e\u0434 \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u0438 \u043f\u0440\u0438\u0451\u043c\u0430 ICMP-\u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0439 \u0432 ping \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 raw-\u0441\u043e\u043a\u0435\u0442\u044b \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442\u0441\u044f \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438, \u0442\u0430\u043a \u043a\u0430\u043a \u0443\u0442\u0438\u043b\u0438\u0442\u0430 \u043f\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0441 \u0444\u043b\u0430\u0433\u043e\u043c setuid root, \u0430 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0430 \u043e\u0442\u0432\u0435\u0442\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0441\u044f \u043d\u0430 \u0441\u0442\u043e\u0440\u043e\u043d\u0435 ping \u0447\u0435\u0440\u0435\u0437 \u0440\u0435\u043a\u043e\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u044e IP- \u0438 ICMP-\u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u043e\u0432 \u043f\u0430\u043a\u0435\u0442\u043e\u0432, \u043f\u043e\u043b\u0443\u0447\u0430\u0435\u043c\u044b\u0445 \u0438\u0437 raw-\u0441\u043e\u043a\u0435\u0442\u0430.\n\n\u0421\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u043e, \u0432\u044b\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0435 IP- \u0438 ICMP-\u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u0438 \u043a\u043e\u043f\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u0435\u0439 pr_pack() \u0432 \u0431\u0443\u0444\u0435\u0440\u044b, \u043d\u0435 \u043f\u0440\u0438\u043d\u0438\u043c\u0430\u044f \u0432\u043e \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u0442\u043e, \u0447\u0442\u043e \u0432 \u043f\u0430\u043a\u0435\u0442\u0435 \u043f\u043e\u0441\u043b\u0435 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u0430 IP \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u043e\u0432\u0430\u0442\u044c \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u043d\u044b\u0435 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u0438.\n\n\u041f\u043e\u0434\u043e\u0431\u043d\u044b\u0435 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u0438 \u0432\u044b\u0434\u0435\u043b\u044f\u044e\u0442\u0441\u044f \u0438\u0437 \u043f\u0430\u043a\u0435\u0442\u0430 \u0438 \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442\u0441\u044f \u0432 \u0431\u043b\u043e\u043a \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u043e\u0432, \u043d\u043e \u043d\u0435 \u0443\u0447\u0438\u0442\u044b\u0432\u0430\u044e\u0442\u0441\u044f \u043f\u0440\u0438 \u0440\u0430\u0441\u0447\u0451\u0442\u0435 \u0440\u0430\u0437\u043c\u0435\u0440\u0430 \u0431\u0443\u0444\u0435\u0440\u0430. \n\n\u0412 \u0441\u043b\u0443\u0447\u0430\u0435 \u0435\u0441\u043b\u0438 \u0445\u043e\u0441\u0442 \u0432 \u043e\u0442\u0432\u0435\u0442 \u043d\u0430 \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0439 ICMP-\u0437\u0430\u043f\u0440\u043e\u0441 \u0432\u0435\u0440\u043d\u0451\u0442 \u043f\u0430\u043a\u0435\u0442 \u0441 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u043c\u0438 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u0430\u043c\u0438, \u0438\u0445 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u043e\u0435 \u0431\u0443\u0434\u0435\u0442 \u0437\u0430\u043f\u0438\u0441\u0430\u043d\u043e \u0432 \u043e\u0431\u043b\u0430\u0441\u0442\u044c \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0435\u0439 \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u0441\u0442\u0435\u043a\u0435.\n\n\u0412 \u0438\u0442\u043e\u0433\u0435 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0439 \u043c\u043e\u0436\u0435\u0442 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u0430\u0442\u044c \u0434\u043e 40 \u0431\u0430\u0439\u0442 \u0434\u0430\u043d\u043d\u044b\u0445 \u0432 \u0441\u0442\u0435\u043a\u0435, \u0447\u0442\u043e \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0434\u043e\u0431\u0438\u0442\u044c\u0441\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0441\u0432\u043e\u0435\u0433\u043e \u043a\u043e\u0434\u0430.\n\n\u041e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0441\u043c\u044f\u0433\u0447\u0430\u0435\u0442 \u0442\u043e, \u0447\u0442\u043e \u0432 \u043c\u043e\u043c\u0435\u043d\u0442 \u043f\u0440\u043e\u044f\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0448\u0438\u0431\u043a\u0438, \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u0432 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0438 \u0438\u0437\u043e\u043b\u044f\u0446\u0438\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0445 \u0432\u044b\u0437\u043e\u0432\u043e\u0432 (capability mode), \u0447\u0442\u043e \u0437\u0430\u0442\u0440\u0443\u0434\u043d\u044f\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043e\u0441\u0442\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u043f\u043e\u0441\u043b\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e\u0442 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0434\u043e \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0439 \u0441\u0442\u0430\u0431\u0438\u043b\u044c\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 FreeBSD. \n\n\u0422\u0430\u043a\u0436\u0435 \u043d\u0435\u0442 \u0441\u0432\u0435\u0434\u0435\u043d\u0438\u0439 \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u044b \u043b\u0438 \u0434\u0440\u0443\u0433\u0438\u0435 BSD-\u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0442\u0430\u043a \u043a\u0430\u043a \u043e\u0442\u0447\u0451\u0442\u043e\u0432 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 NetBSD, DragonFlyBSD \u0438 OpenBSD \u043f\u043e\u043a\u0430 \u043d\u0435 \u043f\u043e\u044f\u0432\u0438\u043b\u043e\u0441\u044c.", "creation_timestamp": "2022-12-05T18:30:07.000000Z"}, {"uuid": "79ca7513-487f-4c00-acf3-3a78fb7f8782", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23093", "type": "seen", "source": "https://t.me/crackcodes/1579", "content": "Remote code execution bug in FreeBSD's ping (CVE-2022-23093)\nhttps://ift.tt/TrukG2P\n\nSubmitted December 01, 2022 at 09:40AM by Gallus\nvia reddit https://ift.tt/xfckVmZ", "creation_timestamp": "2022-12-01T08:23:49.000000Z"}, {"uuid": "b35dac1b-42f8-4f61-af6a-31d166c26e97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23093", "type": "seen", "source": "https://t.me/ctinow/185286", "content": "https://ift.tt/O9YtuIF\nCVE-2022-23093", "creation_timestamp": "2024-02-15T07:22:07.000000Z"}, {"uuid": "0c6bb0ae-d644-4602-8b79-6ec763a00c47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23092", "type": "seen", "source": "https://t.me/ctinow/185285", "content": "https://ift.tt/Oj0LGk9\nCVE-2022-23092", "creation_timestamp": "2024-02-15T07:22:06.000000Z"}, {"uuid": "dcda7c89-ae6e-42b4-bcc0-248b33355414", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23091", "type": "seen", "source": "https://t.me/ctinow/185284", "content": "https://ift.tt/oBPlcYv\nCVE-2022-23091", "creation_timestamp": "2024-02-15T07:22:02.000000Z"}, {"uuid": "f81371ad-7402-4ebc-8c5d-49abdc87b8d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23090", "type": "seen", "source": "https://t.me/ctinow/185283", "content": "https://ift.tt/cMEhNtw\nCVE-2022-23090", "creation_timestamp": "2024-02-15T07:22:01.000000Z"}, {"uuid": "ba22d2ef-a4d8-4d55-95fc-149d9169d8f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23099", "type": "seen", "source": "https://t.me/cibsecurity/47092", "content": "\u203c CVE-2022-23099 \u203c\n\nOX App Suite through 7.10.6 allows XSS by forcing block-wise read.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-27T18:49:46.000000Z"}, {"uuid": "d18497bd-c407-4e93-b408-21bde1c83d6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23096", "type": "seen", "source": "https://t.me/cibsecurity/36466", "content": "\u203c CVE-2022-23096 \u203c\n\nAn issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation lacks a check for the presence of sufficient Header Data, leading to an out-of-bounds read.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-28T18:26:49.000000Z"}, {"uuid": "a8a6f21d-e63d-4d39-a4a9-8daca48962d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23097", "type": "seen", "source": "https://t.me/cibsecurity/36463", "content": "\u203c CVE-2022-23097 \u203c\n\nAn issue was discovered in the DNS proxy in Connman through 1.40. forward_dns_reply mishandles a strnlen call, leading to an out-of-bounds read.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-28T18:26:45.000000Z"}, {"uuid": "c5d2d1cc-19ae-4adc-8a0d-2c65ff3208db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23098", "type": "seen", "source": "https://t.me/cibsecurity/36460", "content": "\u203c CVE-2022-23098 \u203c\n\nAn issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation has an infinite loop if no data is received.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-28T18:26:40.000000Z"}, {"uuid": "46aa9677-49e3-44a2-8322-47097cf2b2cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23095", "type": "seen", "source": "https://t.me/cibsecurity/35646", "content": "\u203c CVE-2022-23095 \u203c\n\nOpen Design Alliance Drawings SDK before 2022.12.1 mishandles the loading of JPG files. Unchecked input data from a crafted JPG file leads to memory corruption. An attacker can leverage this vulnerability to execute code in the context of the current process.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-15T18:50:41.000000Z"}, {"uuid": "4c62bc17-7a0c-4483-bbb9-b9dc68c280da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23094", "type": "seen", "source": "https://t.me/cibsecurity/35642", "content": "\u203c CVE-2022-23094 \u203c\n\nLibreswan 4.2 through 4.5 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted IKEv1 packet because pluto/ikev1.c wrongly expects that a state object exists. This is fixed in 4.6.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-15T07:20:01.000000Z"}, {"uuid": "0452e210-82d0-47d7-9cdc-8e99e41c6cc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23093", "type": "seen", "source": "https://t.me/thehackernews/2830", "content": "A new RCE vulnerability [CVE-2022-23093] has been reported in the ping module of the FreeBSD operating system that could be exploited to remotely crash the program or execute malicious code.\n\nRead: https://thehackernews.com/2022/12/critical-ping-vulnerability-allows.html", "creation_timestamp": "2022-12-05T08:51:20.000000Z"}, {"uuid": "63a963f3-d315-43b2-9ba3-cd5f9b4e9f5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23093", "type": "seen", "source": "https://t.me/SecLabNews/13088", "content": "\ud83e\udd23 \u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0443\u0442\u0438\u043b\u0438\u0442\u0435 ping \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0445\u0430\u043a\u0435\u0440\u0430\u043c \u0437\u0430\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043d\u0430 FreeBSD\n\n\u2014 \u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 FreeBSD \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0443\u0442\u0438\u043b\u0438\u0442\u0435 ping, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2022-23093 \u0438 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430.\n\n\u2014 \u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0441\u0431\u043e\u044f\u043c \u0432 \u0440\u0430\u0431\u043e\u0442\u0435 \u0443\u0442\u0438\u043b\u0438\u0442\u044b, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0445\u0430\u043a\u0435\u0440\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0441 root-\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438.\n\n\u2014 \u041a\u0430\u043a \u0433\u043e\u0432\u043e\u0440\u044f\u0442 \u0441\u043e\u043f\u0440\u043e\u0432\u043e\u0436\u0434\u0430\u044e\u0449\u0438\u0435 FreeBSD, \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c CVE-2022-23093 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0441\u043d\u0438\u0436\u0430\u0435\u0442 \u0442\u043e, \u0447\u0442\u043e ping \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u0442\u0441\u044f \u0432 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0438 \u0438\u0437\u043e\u043b\u044f\u0446\u0438\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0445 \u0432\u044b\u0437\u043e\u0432\u043e\u0432, \u0447\u0442\u043e \u043d\u0435 \u0434\u0430\u0435\u0442 \u0441 \u043b\u0435\u0433\u043a\u043e\u0441\u0442\u044c\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u043f\u043e\u0441\u043b\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\nhttps://www.securitylab.ru/news/535140.php?r=1", "creation_timestamp": "2022-12-06T15:35:44.000000Z"}, {"uuid": "4ad6e2e1-72cf-44d3-8b35-fc6eaa34d738", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23090", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6644", "content": "#Whitepaper\n\"FreeBSD 11.0-13.0 LPE via aio_aqueue Kernel Refcount Bug (CVE-2022-23090)\", 2022.\n\n]-&gt; https://accessvector.net/2022/freebsd-aio-lpe", "creation_timestamp": "2022-08-23T09:50:44.000000Z"}, {"uuid": "42e66dff-bee4-442f-8aa1-0ca685d53c47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23093", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/7287", "content": "#exploit\n1. Grafana RCE via SMTP server parameter injection\nhttps://hackerone.com/reports/1200647\n\n2. CVE-2022-23093:\nFreeBSD Ping RCE\nhttps://www.freebsd.org/security/advisories/FreeBSD-SA-22:15.ping.asc\n\n3. CVE-2022-34669:\nNVidia GPU Display Driver Vulnerablities\nhttps://nvidia.custhelp.com/app/answers/detail/a_id/5415", "creation_timestamp": "2022-12-03T13:40:07.000000Z"}, {"uuid": "5bde5478-9374-4f5c-a14a-1fc94f8617f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23093", "type": "seen", "source": "Telegram/bQJ9gFkcPI7HnRsBOqTmmj2sWtw2igfUZUjiz38dvbJQfAI", "content": "", "creation_timestamp": "2022-12-01T16:05:49.000000Z"}, {"uuid": "7fa34e99-a7a1-4e4e-b3f7-7ae113f8132d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23093", "type": "seen", "source": "https://t.me/LearnExploit/4359", "content": "CVE-2022-23093 ( RCE root vulnerability in FreeBSD's ping utility )\n\nRead\n\n#RCE \n\u2014\u2014\u2014\u2014\u2014\u2014\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2023-01-04T10:02:38.000000Z"}]}