CVE-2019-20387
libsolv: out-of-bounds read in repodata_schema2id in repodata.c
- Severity Score: 7.5 (CVSS v3.1)
- Exploit Likelihood: not captured (EPSS)
- Affected Versions: see CPE table below
- Public Exploits: 0 (multiple sources)
- Exploited in Wild: - (KEV)
- Decision: - (SSVC)
Descriptions
repodata_schema2id in repodata.c in libsolv before 0.7.6 has a heap-based buffer over-read via a last schema whose length is less than the length of the input schema.
The function repodata_schema2id in the file repodata.c in libsolv versions before 0.7.6 has a heap-based buffer over-read via a last schema whose length is less than the length of the input schema.
An out-of-bounds read was discovered in Libsolv when the last schema has a length that is less than the length of the input schema. A remote attacker may abuse this flaw to crash an application that uses Libsolv.
*Credits:
N/A
CVSS Scores
- CVSS v3.1 metrics (values not captured): Attack Vector, Attack Complexity, Privileges Required, User Interaction, Scope, Confidentiality, Integrity, Availability
- CVSS v2 metrics (values not captured): Attack Vector, Attack Complexity, Authentication, Confidentiality, Integrity, Availability
* Common Vulnerability Scoring System
SSVC
- Decision: -
- Factors (values not captured): Exploitation, Automatable, Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2020-01-21 CVE Reserved
- 2020-01-21 CVE Published
- 2023-11-25 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-125: Out-of-bounds Read
CAPEC
References (5)
URL | Tag | Date | Source
---|---|---|---
https://lists.debian.org/debian-lts-announce/2020/01/msg00034.html | Mailing List | |
https://github.com/openSUSE/libsolv/commit/fdb9c9c03508990e4583046b590c30d958f272da | | 2023-01-31 |
https://github.com/openSUSE/libsolv/compare/0.7.5...0.7.6 | | 2023-01-31 |
https://access.redhat.com/security/cve/CVE-2019-20387 | | 2020-11-04 |
https://bugzilla.redhat.com/show_bug.cgi?id=1797072 | | 2020-11-04 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
---|---|---|---|---
Opensuse | Libsolv | < 0.7.6 | - | Affected
Debian | Debian Linux | 8.0 | - | Affected