CVE-2021-3200

Sažetak

Buffer overflow vulnerability in libsolv 2020-12-13 via the Solver * testcase_read(Pool *pool, FILE *fp, const char *testcase, Queue *job, char **resultp, int *resultflagsp function at src/testcase.c: line 2334, which could cause a denial of service

Reference

https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/PoC-testcase_read-2334
https://github.com/openSUSE/libsolv/issues/416
https://www.oracle.com/security-alerts/cpuapr2022.html

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	PARTIAL

CVSS vektor

AV:N/AC:M/Au:N/C:N/I:N/A:P

Zadnje važnije ažuriranje

30-07-2022 - 03:45

Objavljeno

18-05-2021 - 17:15