CVE-2022-4981: 
NixOS vulnerability analysis and mitigation

A vulnerability was detected in DCMTK (DICOM Toolkit) versions up to 3.6.7, identified as CVE-2022-4981. The vulnerability affects the function DcmQueryRetrieveConfig::readPeerList in the file /dcmqrcnf.cc of the dcmqrscp component. The issue was discovered by Heng Zhang and was fixed in version 3.6.8 with patch 957fb31e5 (DCMTK Issue, VulDB).

The vulnerability is a null pointer dereference issue that occurs when processing invalid or incomplete configuration files. The function DcmQueryRetrieveConfig::readPeerList() fails to validate configuration dependencies before dereferencing pointers, specifically when comparing symbolic host names against an uninitialized CNF_HETable.HostEntries array. The vulnerability has been assigned CVSS v3.1 Base Score of 3.3 (LOW) with vector AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L (VulDB, Shimo Report).

The vulnerability can cause immediate Denial of Service by crashing the DICOM Query/Retrieve SCP service (dcmqrscp). It is particularly concerning in automated imaging environments or medical servers that parse untrusted or externally modified configuration files (Shimo Report).

The recommended mitigation is to upgrade to DCMTK version 3.6.8 or later, which includes the fix identified by patch 957fb31e5. This patch addresses the insufficient validation of input data in the DcmQueryRetrieveConfig class (DCMTK Issue, VulDB).