CVE-2022-2879 in Googleinfo

Summary

by MITRE • 10/14/2022

Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics. After fix, Reader.Read limits the maximum size of header blocks to 1 MiB.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Analysis

by VulDB Data Team • 05/28/2026

The vulnerability identified as CVE-2022-2879 represents a critical memory exhaustion flaw within archive processing libraries that handle file headers without proper size limitations. This issue affects systems that utilize Reader.Read functionality to parse archive files, where the absence of maximum header size constraints creates an exploitable condition that can be leveraged by malicious actors to consume excessive system resources. The vulnerability stems from the lack of input validation and resource management controls that should normally prevent unbounded memory allocation during file header processing operations.

The technical flaw manifests when a maliciously crafted archive contains oversized header blocks that exceed normal file format expectations. Without proper size limits, the Reader.Read function allocates memory proportional to the header size specified in the archive, potentially leading to unbounded memory consumption that can exhaust system resources and cause application panics or crashes. This behavior directly violates secure coding principles and represents a classic example of a resource exhaustion attack vector that can be exploited to disrupt service availability. The vulnerability aligns with CWE-770, which specifically addresses allocation of resources without proper limits, and demonstrates how insufficient input validation can create dangerous conditions for system stability.

The operational impact of CVE-2022-2879 extends beyond simple resource exhaustion to potentially compromise system availability and stability across multiple platforms and applications that rely on archive processing functionality. When exploited, this vulnerability can cause denial of service conditions that affect legitimate users and applications, particularly in environments where archive processing is a common operation such as backup systems, file transfer services, or content distribution platforms. The vulnerability affects any system that processes untrusted archive files without proper header size validation, making it particularly dangerous in networked environments where users may inadvertently or maliciously submit crafted archive files that trigger the memory allocation explosion.

The fix implemented for this vulnerability involves establishing a maximum header block size limit of 1 MiB, which effectively prevents the unbounded memory allocation that previously occurred. This mitigation approach aligns with defensive programming practices and follows the principle of least privilege by restricting resource allocation to reasonable bounds. The solution addresses the core issue by implementing proper input validation and resource management controls that prevent malicious inputs from causing system instability. Security practitioners should note that this vulnerability may be exploited in conjunction with other attack vectors within the broader ATT&CK framework, particularly those related to resource exhaustion and denial of service techniques. Organizations should prioritize patching affected systems and implementing additional monitoring to detect potential exploitation attempts, as the vulnerability can be particularly challenging to detect through conventional security scanning methods due to its reliance on specific archive file structures.

Reservation

08/17/2022

Disclosure

10/14/2022

Moderation

accepted

CPE

ready

EPSS

0.01544

KEV

no

Activities

very low

Sources

Interested in the pricing of exploits?

See the underground prices here!