{"id":"CVE-2022-3821","details":"An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.","modified":"2026-03-11T07:53:48.629096078Z","published":"2022-11-08T22:15:16.700Z","related":["ALSA-2023:0100","ALSA-2023:0336","CGA-xr57-jgp8-qr68","MGASA-2022-0429","SUSE-SU-2022:3999-1","SUSE-SU-2022:4056-1","SUSE-SU-2022:4279-1","SUSE-SU-2023:1776-1","SUSE-SU-2025:20041-1","openSUSE-SU-2024:13366-1"],"references":[{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2023/06/msg00036.html"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/"},{"type":"ADVISORY","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2139327"},{"type":"ADVISORY","url":"https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e"},{"type":"ADVISORY","url":"https://github.com/systemd/systemd/issues/23928"},{"type":"ADVISORY","url":"https://github.com/systemd/systemd/pull/23933"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202305-15"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2139327"},{"type":"REPORT","url":"https://github.com/systemd/systemd/issues/23928"},{"type":"FIX","url":"https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e"},{"type":"FIX","url":"https://github.com/systemd/systemd/pull/23933"},{"type":"EVIDENCE","url":"https://github.com/systemd/systemd/issues/23928"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/systemd/systemd","events":[{"introduced":"0"},{"fixed":"9102c625a673a3246d7e73d8737f3494446bad4e"}]}],"versions":["001","002","003","004","005","006","007","008","009","010","011","012","013","014","015","016","017","018","019","020","021","022","023","024","025","026","027","028","029","030","031","032","033","034","035","036","037","038","039","040","042","043","044","045","046","047","048","049","050","051","052","053","054","055","056","057","058","059","060","061","062","064","174","175","176","177","178","179","180","181","182","v1","v10","v11","v12","v13","v14","v15","v16","v17","v18","v183","v184","v185","v186","v187","v188","v189","v19","v190","v191","v192","v193","v194","v195","v196","v197","v198","v199","v2","v20","v200","v201","v202","v203","v204","v205","v206","v207","v208","v209","v21","v210","v211","v212","v213","v214","v215","v216","v217","v218","v219","v22","v220","v221","v222","v223","v224","v225","v226","v227","v228","v229","v23","v230","v231","v232","v233","v234","v235","v236","v237","v238","v239","v24","v240","v241","v241-rc1","v241-rc2","v242","v242-rc1","v242-rc2","v242-rc3","v242-rc4","v243","v243-rc1","v243-rc2","v243.1","v244","v244-rc1","v245","v245-rc1","v245-rc2","v246","v246-rc1","v246-rc2","v247","v247-rc1","v247-rc2","v248","v248-2","v248-rc1","v248-rc2","v248-rc3","v248-rc4","v249","v249-rc1","v249-rc2","v249-rc3","v25","v250","v250-rc1","v250-rc2","v250-rc3","v251","v251-rc1","v251-rc2","v251-rc3","v26","v27","v28","v29","v3","v30","v31","v32","v33","v34","v35","v36","v37","v38","v39","v4","v40","v41","v42","v43","v44","v5","v6","v7","v8","v9"],"database_specific":{"vanir_signatures":[{"id":"CVE-2022-3821-0c150019","deprecated":false,"signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["187197774867605728975572453615684576112","200367803134423148290597242552267353202","86350558284044936531423369741668952492","279815649959355405795267225550957054386"]},"source":"https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e","signature_type":"Line","target":{"file":"src/test/test-time-util.c"}},{"id":"CVE-2022-3821-cb534d4d","deprecated":false,"signature_version":"v1","source":"https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e","digest":{"function_hash":"318603724216709942588178449962184743803","length":96},"signature_type":"Function","target":{"function":"TEST","file":"src/test/test-time-util.c"}},{"id":"CVE-2022-3821-d412c7a9","deprecated":false,"signature_version":"v1","source":"https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e","digest":{"function_hash":"90962051446743331888006721636164292196","length":1651},"signature_type":"Function","target":{"function":"format_timespan","file":"src/basic/time-util.c"}},{"id":"CVE-2022-3821-d70d50ae","deprecated":false,"signature_version":"v1","source":"https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e","digest":{"threshold":0.9,"line_hashes":["140786591668832523190839408699687877415","168438522841888037258673190060110437287","161448172375777290203407143804467937883","288618140824775369074077755147061431438"]},"signature_type":"Line","target":{"file":"src/basic/time-util.c"}}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-3821.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}