CVSS: 9.1EPSS: 3%CPEs: 8EXPL: 1CVE-2019-20367 – Ubuntu Security Notice USN-4243-1
https://notcve.org/view.php?id=CVE-2019-20367
08 Jan 2020 — nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a comparison for a symbol name from the string table (strtab). El archivo nlist.c en libbsd versiones anteriores a la versión 0.10.0, tiene una lectura fuera de límites durante una comparación de un nombre de símbolo de la tabla de cadenas (strtab). It was discovered that libbsd incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 ESM. • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00043.html • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 1%CPEs: 9EXPL: 0CVE-2016-2090 – Ubuntu Security Notice USN-4243-1
https://notcve.org/view.php?id=CVE-2016-2090
20 Jul 2016 — Off-by-one vulnerability in the fgetwln function in libbsd before 0.8.2 allows attackers to have unspecified impact via unknown vectors, which trigger a heap-based buffer overflow. Vulnerabilidad de error por un paso en la función fgetwln en libbsd en versiones anteriores a 0.8.2 permite a atacantes tener un impacto no especificado a través de vectores desconocidos, lo que desencadena un desbordamiento de búfer basado en memoria dinámica. It was discovered that libbsd incorrectly handled certain inputs. An ... • http://www.openwall.com/lists/oss-security/2016/01/28/5 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •