CVE-2019-19334
libyang: stack-based buffer overflow in make_canonical when identityref leaf type is used
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "identityref". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an attacker to cause a denial of service or possibly gain code execution.
En todas las versiones de libyang anteriores a 1.0-r5, se detectó un desbordamiento del búfer en la región heap de la memoria en la manera en que libyang analiza los archivos YANG con una hoja de tipo "identityref". Una aplicación que usa libyang para analizar archivos YANG no confiables puede ser vulnerable a este fallo, lo que permitiría a un atacante causar una denegación de servicio o posiblemente conseguir la ejecución de código.
A stack-based buffer overflow flaw was discovered in the way libyang parses YANG files with a leaf of type "identityref". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an attacker to cause a denial of service or execute code.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-11-27 CVE Reserved
- 2019-12-06 CVE Published
- 2024-08-05 CVE Updated
- 2024-10-27 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-121: Stack-based Buffer Overflow
- CWE-787: Out-of-bounds Write
CAPEC
References (7)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19334 | 2023-11-07 | |
| https://github.com/CESNET/libyang/commit/6980afae2ff9fcd6d67508b0a3f694d75fd059d6 | 2023-11-07 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cesnet Search vendor "Cesnet" | Libyang Search vendor "Cesnet" for product "Libyang" | 0.11 Search vendor "Cesnet" for product "Libyang" and version "0.11" | r1 |
Affected
| ||||||
| Cesnet Search vendor "Cesnet" | Libyang Search vendor "Cesnet" for product "Libyang" | 0.11 Search vendor "Cesnet" for product "Libyang" and version "0.11" | r2 |
Affected
| ||||||
| Cesnet Search vendor "Cesnet" | Libyang Search vendor "Cesnet" for product "Libyang" | 0.12 Search vendor "Cesnet" for product "Libyang" and version "0.12" | r1 |
Affected
| ||||||
| Cesnet Search vendor "Cesnet" | Libyang Search vendor "Cesnet" for product "Libyang" | 0.12 Search vendor "Cesnet" for product "Libyang" and version "0.12" | r2 |
Affected
| ||||||
| Cesnet Search vendor "Cesnet" | Libyang Search vendor "Cesnet" for product "Libyang" | 0.13 Search vendor "Cesnet" for product "Libyang" and version "0.13" | r1 |
Affected
| ||||||
| Cesnet Search vendor "Cesnet" | Libyang Search vendor "Cesnet" for product "Libyang" | 0.13 Search vendor "Cesnet" for product "Libyang" and version "0.13" | r2 |
Affected
| ||||||
| Cesnet Search vendor "Cesnet" | Libyang Search vendor "Cesnet" for product "Libyang" | 0.14 Search vendor "Cesnet" for product "Libyang" and version "0.14" | r1 |
Affected
| ||||||
| Cesnet Search vendor "Cesnet" | Libyang Search vendor "Cesnet" for product "Libyang" | 0.15 Search vendor "Cesnet" for product "Libyang" and version "0.15" | r1 |
Affected
| ||||||
| Cesnet Search vendor "Cesnet" | Libyang Search vendor "Cesnet" for product "Libyang" | 0.16 Search vendor "Cesnet" for product "Libyang" and version "0.16" | r1 |
Affected
| ||||||
| Cesnet Search vendor "Cesnet" | Libyang Search vendor "Cesnet" for product "Libyang" | 0.16 Search vendor "Cesnet" for product "Libyang" and version "0.16" | r2 |
Affected
| ||||||
| Cesnet Search vendor "Cesnet" | Libyang Search vendor "Cesnet" for product "Libyang" | 0.16 Search vendor "Cesnet" for product "Libyang" and version "0.16" | r3 |
Affected
| ||||||
| Cesnet Search vendor "Cesnet" | Libyang Search vendor "Cesnet" for product "Libyang" | 1.0 Search vendor "Cesnet" for product "Libyang" and version "1.0" | r1 |
Affected
| ||||||
| Cesnet Search vendor "Cesnet" | Libyang Search vendor "Cesnet" for product "Libyang" | 1.0 Search vendor "Cesnet" for product "Libyang" and version "1.0" | r2 |
Affected
| ||||||
| Cesnet Search vendor "Cesnet" | Libyang Search vendor "Cesnet" for product "Libyang" | 1.0 Search vendor "Cesnet" for product "Libyang" and version "1.0" | r3 |
Affected
| ||||||
| Cesnet Search vendor "Cesnet" | Libyang Search vendor "Cesnet" for product "Libyang" | 1.0 Search vendor "Cesnet" for product "Libyang" and version "1.0" | r4 |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 8.0 Search vendor "Redhat" for product "Enterprise Linux" and version "8.0" | - |
Affected
| ||||||
| Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 31 Search vendor "Fedoraproject" for product "Fedora" and version "31" | - |
Affected
| ||||||