In musl libc through 1.2.1, wcsnrtombs mishandles particular combinations of destination buffer size and source character limit, as demonstrated by an invalid write access (buffer overflow).
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
History
02 Dec 2021, 21:15
Type | Values Removed | Values Added |
---|---|---|
References | (N/A) https://www.oracle.com//security-alerts/cpujul2021.html - Patch, Third Party Advisory | |
References | (MISC) https://www.oracle.com/security-alerts/cpuoct2021.html - Patch, Third Party Advisory | |
CPE | cpe:2.3:a:oracle:graalvm:20.3.2:*:*:*:enterprise:*:*:* cpe:2.3:a:oracle:graalvm:21.1.0:*:*:*:enterprise:*:*:* |
20 Oct 2021, 11:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
08 Jun 2021, 19:22
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:* |
|
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKQ3RVSMVZNZNO4D65W2CZZ4DMYFZN2Q/ - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UW27QVY7ERPTSGKS4KAWE5TU7EJWHKVQ/ - Mailing List, Third Party Advisory |
08 Jun 2021, 03:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2020-11-24 18:15
Updated : 2024-02-04 21:23
NVD link : CVE-2020-28928
Mitre link : CVE-2020-28928
CVE.ORG link : CVE-2020-28928
JSON object : View
Products Affected
oracle
- graalvm
musl-libc
- musl
debian
- debian_linux
fedoraproject
- fedora
CWE
CWE-787
Out-of-bounds Write