CVE-2024-22051
Published: 04 January 2024
Summary
CVE-2024-22051 is a critical-severity Integer Overflow or Wraparound (CWE-190) vulnerability in GitHub cmark-gfm. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 6.1% of CVEs by exploit likelihood, is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.
Deeper analysis
CommonMarker versions prior to 0.23.4 contain an integer overflow vulnerability tracked as CVE-2024-22051 and classified as CWE-190. The flaw resides in the library's table parsing logic and is triggered when a marker row specifies more than UINT16_MAX columns, resulting in heap memory corruption that can be reached during Markdown processing.
Unauthenticated remote attackers can exploit the issue over the network by supplying a crafted Markdown document containing an oversized table. Successful exploitation may allow information disclosure or remote code execution, consistent with the CVSS 9.8 rating that reflects no required authentication, user interaction, or special privileges.
The referenced GitHub Security Advisories and the associated commit recommend an immediate upgrade to CommonMarker 0.23.4 or later; the fix bounds column counts and eliminates the overflow during table marker processing. The EPSS score has remained flat at 0.1206, with no material increase observed since disclosure.
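The bug class described above, as an added illustration that is not code from CommonMarker or cmark-gfm: a column count narrowed to 16 bits without a check, beside a bounded version that rejects the row. All function names and the simplified row format (leading and trailing pipes, no escapes) are assumptions made for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Count cells in a marker row such as "|-|-|" (simplified assumption:
 * the row has leading and trailing pipes and no escaped pipes). */
static size_t count_cells(const char *row) {
    size_t pipes = 0;
    for (const char *p = row; *p; p++)
        if (*p == '|') pipes++;
    return pipes > 0 ? pipes - 1 : 0;
}

/* Weak pattern: the count is narrowed to 16 bits without a check, so
 * UINT16_MAX + 1 cells wrap to 0 and later sizing uses the wrong value. */
uint16_t columns_truncating(const char *row) {
    return (uint16_t)count_cells(row);
}

/* Hardened pattern: reject the row when the count does not fit. */
int columns_checked(const char *row, uint16_t *out) {
    size_t n = count_cells(row);
    if (n > UINT16_MAX) return -1;
    *out = (uint16_t)n;
    return 0;
}

/* Constructed test input: a marker row with n cells. Caller frees. */
char *make_marker_row(size_t n) {
    char *s = malloc(2 * n + 2);
    if (!s) return NULL;
    s[0] = '|';
    for (size_t i = 0; i < n; i++) { s[1 + 2 * i] = '-'; s[2 + 2 * i] = '|'; }
    s[2 * n + 1] = '\0';
    return s;
}

int main(void) {
    uint16_t n = 0;
    char *big = make_marker_row((size_t)UINT16_MAX + 1);
    if (!big) return 1;
    printf("truncating: %u columns\n", (unsigned)columns_truncating(big));
    printf("checked: %s\n", columns_checked(big, &n) == 0 ? "accepted" : "rejected");
    free(big);
    return 0;
}
```

The same boundary check makes a useful regression test after upgrading: a row of exactly UINT16_MAX cells should still be handled, while one more cell must be rejected rather than wrapped.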
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-1416
Vulnerability details
CommonMarker versions prior to 0.23.4 are at risk of an integer overflow vulnerability. This vulnerability can result in possibly unauthenticated remote attackers to cause heap memory corruption, potentially leading to an information leak or remote code execution, via parsing tables with marker rows that contain more than UINT16_MAX columns.
- CWE(s): CWE-190 (Integer Overflow or Wraparound)
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Integer overflow in Markdown table parsing enables remote heap corruption for RCE or info leak via crafted oversized tables in user-controlled input, facilitating exploitation of public-facing applications.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.