CVE-2022-24070

Priority
Description
Subversion's mod_dav_svn is vulnerable to memory corruption. While looking
up path-based authorization rules, mod_dav_svn servers may attempt to use
memory which has already been freed. Affected Subversion mod_dav_svn
servers 1.10.0 through 1.14.1 (inclusive). Servers that do not use
mod_dav_svn are not affected.
Ubuntu-Description
Thomas Weißschuh discovered that subversion servers did not properly
handle memory in certain configurations. A remote attacker could potentially
use this issue to cause a denial of service or other unspecified impact.
Notes
Package
Upstream:released (1.14.2 and 1.10.8)
Ubuntu 18.04 LTS:not-affected (code not present)
Ubuntu 20.04 LTS:released (1.13.0-3ubuntu0.1)
Ubuntu 21.10:released (1.14.1-3ubuntu0.1)
Ubuntu 16.04 ESM:not-affected (code not present)
Ubuntu 22.04 LTS:released (1.14.1-3ubuntu0.22.04.1)
Patches:
More Information

Updated: 2022-06-10 14:02:41 UTC (commit 22cd97abab61e5eccab4070a258ab5d6a94b972b)