{"id":"CVE-2022-39343","summary":"Azure RTOS FileX vulnerable to Buffer Overflow","details":"Azure RTOS FileX is a FAT-compatible file system that’s fully integrated with Azure RTOS ThreadX. In versions before 6.2.0, the Fault Tolerant feature of Azure RTOS FileX includes integer underflows and overflows which may be exploited to achieve buffer overflow and modify memory contents. When a valid log file with correct ID and checksum is detected by the `_fx_fault_tolerant_enable` function, an attempt to recover the previous failed write operation is made by calling `_fx_fault_tolerant_apply_logs`. This function iterates through the log entries and performs the required recovery operations. A properly crafted log that includes entries of type `FX_FAULT_TOLERANT_DIR_LOG_TYPE` may be used to introduce unexpected behavior. This issue has been patched in version 6.2.0. A workaround to fix line 218 in fx_fault_tolerant_apply_logs.c is documented in the GHSA.","aliases":["GHSA-8jqf-wjhq-4w9f"],"modified":"2026-04-12T01:28:02.270648Z","published":"2022-11-08T00:00:00Z","database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/39xxx/CVE-2022-39343.json","cna_assigner":"GitHub_M","cwe_ids":["CWE-120"]},"references":[{"type":"WEB","url":"https://github.com/azure-rtos/filex/blob/master/common/src/fx_fault_tolerant_apply_logs.c#L218"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/39xxx/CVE-2022-39343.json"},{"type":"ADVISORY","url":"https://github.com/azure-rtos/filex/security/advisories/GHSA-8jqf-wjhq-4w9f"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-39343"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/azure-rtos/filex","events":[{"introduced":"0"},{"fixed":"ef128829b4d9c142dbdf0e48e9ac67889da0ea9c"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"6.2.0"}]}}],"versions":["r6.1.8_rel","v6.0.1_rel","v6.0_rel","v6.1.10_rel","v6.1.11_rel","v6.1.
12_rel","v6.1.2_rel","v6.1.3_rel","v6.1.5_rel","v6.1.6_rel","v6.1.7_rel","v6.1_rel"],"database_specific":{"vanir_signatures":[
{"signature_version":"v1","source":"https://github.com/azure-rtos/filex/commit/ef128829b4d9c142dbdf0e48e9ac67889da0ea9c","id":"CVE-2022-39343-005b8cd9","deprecated":false,"target":{"file":"common/src/fx_fault_tolerant_cleanup_FAT_chain.c","function":"_fx_fault_tolerant_cleanup_FAT_chain"},"signature_type":"Function"},
{"signature_version":"v1","source":"https://github.com/azure-rtos/filex/commit/ef128829b4d9c142dbdf0e48e9ac67889da0ea9c","id":"CVE-2022-39343-0abea23c","deprecated":false,"target":{"file":"common/src/fx_partition_offset_calculate.c"},"signature_type":"Line"},
{"signature_version":"v1","source":"https://github.com/azure-rtos/filex/commit/ef128829b4d9c142dbdf0e48e9ac67889da0ea9c","id":"CVE-2022-39343-212de549","deprecated":false,"target":{"file":"ports/linux/gnu/inc/fx_port.h"},"signature_type":"Line"},
{"signature_version":"v1","source":"https://github.com/azure-rtos/filex/commit/ef128829b4d9c142dbdf0e48e9ac67889da0ea9c","id":"CVE-2022-39343-319533d2","deprecated":false,"target":{"file":"common/src/fx_utility_logical_sector_read.c"},"signature_type":"Line"},
{"signature_version":"v1","source":"https://github.com/azure-rtos/filex/commit/ef128829b4d9c142dbdf0e48e9ac67889da0ea9c","id":"CVE-2022-39343-49988b8c","deprecated":false,"target":{"file":"common/src/fx_media_open.c","function":"_fx_media_open"},"signature_type":"Function"},
{"signature_version":"v1","source":"https://github.com/azure-rtos/filex/commit/ef128829b4d9c142dbdf0e48e9ac67889da0ea9c","id":"CVE-2022-39343-63beab87","deprecated":false,"target":{"file":"common/src/fx_fault_tolerant_apply_logs.c","function":"_fx_fault_tolerant_apply_logs"},"signature_type":"Function"},
{"signature_version":"v1","source":"https://github.com/azure-rtos/filex/commit/ef128829b4d9c142dbdf0e48e9ac67889da0ea9c","id":"CVE-2022-39343-6d973a6f","deprecated":false,"target":{"file":"ports/generic/inc/fx_port.h"},"signature_type":"Line"},
{"signature_version":"v1","source":"https://github.com/azure-rtos/filex/commit/ef128829b4d9c142dbdf0e48e9ac67889da0ea9c","id":"CVE-2022-39343-787b65d9","deprecated":false,"target":{"file":"common/src/fx_fault_tolerant_apply_logs.c"},"signature_type":"Line"},
{"signature_version":"v1","source":"https://github.com/azure-rtos/filex/commit/ef128829b4d9c142dbdf0e48e9ac67889da0ea9c","id":"CVE-2022-39343-8f5295fb","deprecated":false,"target":{"file":"common/src/fx_fault_tolerant_enable.c","function":"_fx_fault_tolerant_enable"},"signature_type":"Function"},
{"signature_version":"v1","source":"https://github.com/azure-rtos/filex/commit/ef128829b4d9c142dbdf0e48e9ac67889da0ea9c","id":"CVE-2022-39343-a4cefe6d","deprecated":false,"target":{"file":"common/src/fx_utility_logical_sector_read.c","function":"_fx_utility_logical_sector_read"},"signature_type":"Function"},
{"signature_version":"v1","source":"https://github.com/azure-rtos/filex/commit/ef128829b4d9c142dbdf0e48e9ac67889da0ea9c","id":"CVE-2022-39343-af9154a8","deprecated":false,"target":{"file":"common/src/fx_utility_FAT_entry_read.c","function":"_fx_utility_FAT_entry_read"},"signature_type":"Function"},
{"signature_version":"v1","source":"https://github.com/azure-rtos/filex/commit/ef128829b4d9c142dbdf0e48e9ac67889da0ea9c","id":"CVE-2022-39343-cba75079","deprecated":false,"target":{"file":"ports/win32/vs_2019/inc/fx_port.h"},"signature_type":"Line"},
{"signature_version":"v1","source":"https://github.com/azure-rtos/filex/commit/ef128829b4d9c142dbdf0e48e9ac67889da0ea9c","id":"CVE-2022-39343-d2773f8a","deprecated":false,"target":{"file":"common/src/fx_utility_FAT_entry_read.c"},"signature_type":"Line"},
{"signature_version":"v1","source":"https://github.com/azure-rtos/filex/commit/ef128829b4d9c142dbdf0e48e9ac67889da0ea9c","id":"CVE-2022-39343-f220ada8","deprecated":false,"target":{"file":"common/src/fx_fault_tolerant_cleanup_FAT_chain.c"},"signature_type":"Line"},
{"signature_version":"v1","source":"https://github.com/azure-rtos/filex/commit/ef128829b4d9c142dbdf0e48e9ac67889da0ea9c","id":"CVE-2022-39343-fb79c806","deprecated":false,"target":{"file":"common/src/fx_media_open.c"},"signature_type":"Line"},
{"signature_version":"v1","source":"https://github.com/azure-rtos/filex/commit/ef128829b4d9c142dbdf0e48e9ac67889da0ea9c","id":"CVE-2022-39343-febd3739","deprecated":false,"target":{"file":"common/src/fx_fault_tolerant_enable.c"},"signature_type":"Line"}
],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-39343.json","vanir_signatures_modified":"2026-04-12T01:28:02Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}]}