A vulnerability has been found in HdrHistogram up to 2.2.2. This vulnerability affects the function recordValueWithCount of the file src/main/java/org/HdrHistogram/AbstractHistogram.java of the component AbstractHistogram. Such manipulation of the argument Count leads to state issue. The attack can only be performed from a local environment. The exploit has been disclosed to the public and may be used. The existence of this vulnerability is still disputed at present. This issue is disputed due to the potential lack of crossing of security boundaries and the pre-requisites for a successful attack.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Red Hat Hardened Images | RedHat | netavark-main-2.0.0-1.hum1 | * |
| Red Hat Hardened Images | RedHat | rust-main-1.96.1-1.hum1 | * |
| Hdrhistogram | Ubuntu | questing | * |