VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-e9ng-ewvh-kqeq

Essentials
Severities (24)
References (15)
Severity details (16)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-e9ng-ewvh-kqeq
Aliases	CVE-2022-3821
Summary	Multiple vulnerabilities have been discovered in systemd, the worst of which could result in denial of service.
Status	Published
Exploitability	0.5
Weighted Severity	5.0
Risk	2.5
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-193

Off-by-one Error

System	Score	Found at
cvssv3	5.5	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3821.json
epss	0.00029	https://api.first.org/data/v1/epss?cve=CVE-2022-3821
epss	0.00029	https://api.first.org/data/v1/epss?cve=CVE-2022-3821
epss	0.00029	https://api.first.org/data/v1/epss?cve=CVE-2022-3821
epss	0.00029	https://api.first.org/data/v1/epss?cve=CVE-2022-3821
epss	0.00029	https://api.first.org/data/v1/epss?cve=CVE-2022-3821
epss	0.00031	https://api.first.org/data/v1/epss?cve=CVE-2022-3821
epss	0.00031	https://api.first.org/data/v1/epss?cve=CVE-2022-3821
epss	0.00031	https://api.first.org/data/v1/epss?cve=CVE-2022-3821
cvssv3.1	5.5	https://bugzilla.redhat.com/show_bug.cgi?id=2139327
ssvc	Track	https://bugzilla.redhat.com/show_bug.cgi?id=2139327
cvssv3.1	5.5	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1	5.5	https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e
ssvc	Track	https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e
cvssv3.1	5.5	https://github.com/systemd/systemd/issues/23928
ssvc	Track	https://github.com/systemd/systemd/issues/23928
cvssv3.1	5.5	https://github.com/systemd/systemd/pull/23933
ssvc	Track	https://github.com/systemd/systemd/pull/23933
cvssv3.1	5.5	https://lists.debian.org/debian-lts-announce/2023/06/msg00036.html
ssvc	Track	https://lists.debian.org/debian-lts-announce/2023/06/msg00036.html
cvssv3.1	5.5	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/
ssvc	Track	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/
cvssv3.1	5.5	https://security.gentoo.org/glsa/202305-15
ssvc	Track	https://security.gentoo.org/glsa/202305-15

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3821.json
		https://api.first.org/data/v1/epss?cve=CVE-2022-3821
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3821
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2139327		https://bugzilla.redhat.com/show_bug.cgi?id=2139327
23928		https://github.com/systemd/systemd/issues/23928
23933		https://github.com/systemd/systemd/pull/23933
9102c625a673a3246d7e73d8737f3494446bad4e		https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e
GLSA-202305-15		https://security.gentoo.org/glsa/202305-15
msg00036.html		https://lists.debian.org/debian-lts-announce/2023/06/msg00036.html
RHSA-2023:0100		https://access.redhat.com/errata/RHSA-2023:0100
RHSA-2023:0336		https://access.redhat.com/errata/RHSA-2023:0336
RHSA-2024:1105		https://access.redhat.com/errata/RHSA-2024:1105
RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P		https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/
USN-5928-1		https://usn.ubuntu.com/5928-1/

No exploits are available.

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3821.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://bugzilla.redhat.com/show_bug.cgi?id=2139327

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-02T18:10:56Z/ Found at https://bugzilla.redhat.com/show_bug.cgi?id=2139327

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-02T18:10:56Z/ Found at https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/systemd/systemd/issues/23928

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-02T18:10:56Z/ Found at https://github.com/systemd/systemd/issues/23928

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/systemd/systemd/pull/23933

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-02T18:10:56Z/ Found at https://github.com/systemd/systemd/pull/23933

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://lists.debian.org/debian-lts-announce/2023/06/msg00036.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-02T18:10:56Z/ Found at https://lists.debian.org/debian-lts-announce/2023/06/msg00036.html

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-02T18:10:56Z/ Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://security.gentoo.org/glsa/202305-15

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-02T18:10:56Z/ Found at https://security.gentoo.org/glsa/202305-15

Exploit Prediction Scoring System (EPSS)

Percentile	0.08078
EPSS Score	0.00029
Published At	April 2, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T13:12:23.181513+00:00	Gentoo Importer	Import	https://security.gentoo.org/glsa/202305-15	38.0.0