CVE-2023-39976 – libqb: Buffer overflow in log_blackbox.c
https://notcve.org/view.php?id=CVE-2023-39976
log_blackbox.c in libqb before 2.0.8 allows a buffer overflow via long log messages because the header size is not considered. • https://github.com/ClusterLabs/libqb/commit/1bbaa929b77113532785c408dd1b41cd0521ffc8 https://github.com/ClusterLabs/libqb/compare/v2.0.7...v2.0.8 https://github.com/ClusterLabs/libqb/pull/490 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KECNF7LFBPE57XSBT6EM7ACVMIBP63WH https://access.redhat.com/security/cve/CVE-2023-39976 https://bugzilla.redhat.com/show_bug.cgi?id=2230708 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2019-12779 – libqb: Insecure treatment of IPC (temporary) files
https://notcve.org/view.php?id=CVE-2019-12779
libqb before 1.0.5 allows local users to overwrite arbitrary files via a symlink attack, because it uses predictable filenames (under /dev/shm and /tmp) without O_EXCL. libqb anterior a la versión 1.0.5 permite a los usuarios locales sobrescribir archivos arbitrarios mediante un ataque de enlace simbólico (symlink attack), porque utiliza nombres de archivo predecibles (bajo /dev/shm y /tmp) sin O_EXCL. • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00017.html http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00027.html http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00031.html http://www.securityfocus.com/bid/108691 https://access.redhat.com/errata/RHSA-2019:3610 https://bugzilla.redhat.com/show_bug.cgi?id=1695948 https://github.com/ClusterLabs/libqb/issues/338 https://github.com/ClusterLabs/libqb/releases/tag/v1.0.4 https://github.co • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-377: Insecure Temporary File •