{"vulnerability": "CVE-2022-45873", "sightings": [{"uuid": "e670f66b-97c6-4fe9-9a9e-c55484548232", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45873", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13506", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-45873\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: systemd 250 and 251 allows local users to achieve a systemd-coredump deadlock by triggering a crash that has a long backtrace. This occurs in parse_elf_object in shared/elf-util.c. The exploitation methodology is to crash a binary calling the same function recursively, and put it in a deeply nested directory to make its backtrace large enough to cause the deadlock. This must be done 16 times when MaxConnections=16 is set for the systemd/units/systemd-coredump.socket file.\n\ud83d\udccf Published: 2022-11-23T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-25T18:19:52.554Z\n\ud83d\udd17 References:\n1. https://github.com/systemd/systemd/commit/076b807be472630692c5348c60d0c2b7b28ad437\n2. https://github.com/systemd/systemd/pull/25055#issuecomment-1313733553\n3. https://github.com/systemd/systemd/pull/24853#issuecomment-1326561497\n4. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MS5N5SLYAHKENLAJWYBDKU55ICU3SVZF/", "creation_timestamp": "2025-04-25T19:07:31.000000Z"}]}