CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 2CVE-2021-3200 – libsolv: heap-based buffer overflow in testcase_read() in src/testcase.c
https://notcve.org/view.php?id=CVE-2021-3200
Buffer overflow vulnerability in libsolv 2020-12-13 via the Solver * testcase_read(Pool *pool, FILE *fp, const char *testcase, Queue *job, char **resultp, int *resultflagsp function at src/testcase.c: line 2334, which could cause a denial of service Una vulnerabilidad de desbordamiento de búfer en libsolv versiones hasta el 13-12-2020 por medio de la función Solver * testcase_read(Pool *pool, FILE *fp, const char *testcase, Queue *job, char **resultp, int *resultflagsp en el archivo src/testcase.c: línea 2334, que podría causar una denegación de servicio A flaw was found in libsolv. A buffer overflow vulnerability could cause a denial of service. The highest threat from this vulnerability is to system availability. • https://github.com/openSUSE/libsolv/issues/416 https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/PoC-testcase_read-2334 https://www.oracle.com/security-alerts/cpuapr2022.html https://access.redhat.com/security/cve/CVE-2021-3200 https://bugzilla.redhat.com/show_bug.cgi?id=1962307 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-20387 – libsolv: out-of-bounds read in repodata_schema2id in repodata.c
https://notcve.org/view.php?id=CVE-2019-20387
repodata_schema2id in repodata.c in libsolv before 0.7.6 has a heap-based buffer over-read via a last schema whose length is less than the length of the input schema. La función repodata_schema2id en el archivo repodata.c en libsolv versiones anteriores a 0.7.6, presenta una lectura excesiva del búfer en la región heap de la memoria por medio de un último esquema cuya longitud es menor que la longitud del esquema de entrada. An out-of-bounds read was discovered in Libsolv when the last schema has a length that is less than the length of the input schema. A remote attacker may abuse this flaw to crash an application that uses Libsolv. • https://github.com/openSUSE/libsolv/commit/fdb9c9c03508990e4583046b590c30d958f272da https://github.com/openSUSE/libsolv/compare/0.7.5...0.7.6 https://lists.debian.org/debian-lts-announce/2020/01/msg00034.html https://access.redhat.com/security/cve/CVE-2019-20387 https://bugzilla.redhat.com/show_bug.cgi?id=1797072 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2018-20532 – libsolv: NULL pointer dereference in function testcase_read
https://notcve.org/view.php?id=CVE-2018-20532
There is a NULL pointer dereference at ext/testcase.c (function testcase_read) in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service. Hay una desreferencia de puntero NULL en ext/testcase.c (función testcase_read) en libsolvext.a en libsolv hasta la versión 0.7.2 que provocará una denegación de servicio (DoS). • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00057.html https://access.redhat.com/errata/RHSA-2019:2290 https://bugzilla.redhat.com/show_bug.cgi?id=1652605 https://github.com/openSUSE/libsolv/pull/291 https://usn.ubuntu.com/3916-1 https://access.redhat.com/security/cve/CVE-2018-20532 https://bugzilla.redhat.com/show_bug.cgi?id=1665532 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2018-20533 – libsolv: NULL pointer dereference in function testcase_str2dep_complex
https://notcve.org/view.php?id=CVE-2018-20533
There is a NULL pointer dereference at ext/testcase.c (function testcase_str2dep_complex) in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service. Hay una desreferencia de puntero NULL en ext/testcase.c (función testcase_str2dep_complex) en libsolvext.a en libsolv hasta la versión 0.7.2 que provocará una denegación de servicio (DoS). • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00057.html https://access.redhat.com/errata/RHSA-2019:2290 https://bugzilla.redhat.com/show_bug.cgi?id=1652599 https://github.com/openSUSE/libsolv/pull/291 https://usn.ubuntu.com/3916-1 https://access.redhat.com/security/cve/CVE-2018-20533 https://bugzilla.redhat.com/show_bug.cgi?id=1665535 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2018-20534 – libsolv: illegal address access in pool_whatprovides in src/pool.h
https://notcve.org/view.php?id=CVE-2018-20534
There is an illegal address access at ext/testcase.c in libsolv.a in libsolv through 0.7.2 that will cause a denial of service. NOTE: third parties dispute this issue stating that the issue affects the test suite and not the underlying library. It cannot be exploited in any real-world application ** EN DISPUTA ** Hay un acceso a direcciones ilegal en ext/testcase.c en libsolv.a en libsolv hasta la versión 0.7.2 que provocará una denegación de servicio (DoS). NOTA: terceros disputan este problema afirmando que afecta al conjunto de pruebas y no a la librería subyacente. No puede ser explotado en ninguna aplicación real. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00057.html https://access.redhat.com/errata/RHSA-2019:2290 https://access.redhat.com/errata/RHSA-2019:3583 https://bugzilla.redhat.com/show_bug.cgi?id=1652604 https://bugzilla.suse.com/show_bug.cgi?id=1120631 https://github.com/openSUSE/libsolv/pull/291 https://usn.ubuntu.com/3916-1 https://access.redhat.com/security/cve/CVE-2018-20534 https://bugzilla.redhat.com/show_bug.cgi?id=1665538 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •