Buffer overflow vulnerability in libsolv 2020-12-13 via the Solver * testcase_read(Pool *pool, FILE *fp, const char *testcase, Queue *job, char **resultp, int *resultflagsp function at src/testcase.c: line 2334, which could cause a denial of service
References
Link | Resource |
---|---|
https://github.com/openSUSE/libsolv/issues/416 | Exploit Issue Tracking Third Party Advisory |
https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/PoC-testcase_read-2334 | Exploit Third Party Advisory |
https://www.oracle.com/security-alerts/cpuapr2022.html | Patch Third Party Advisory |
Configurations
History
30 Jul 2022, 03:45
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://www.oracle.com/security-alerts/cpuapr2022.html - Patch, Third Party Advisory | |
CPE | cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.15.0:*:*:*:*:*:*:* |
20 Apr 2022, 00:16
Type | Values Removed | Values Added |
---|---|---|
References |
|
03 Jun 2021, 15:26
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 4.3
v3 : 3.3 |
24 May 2021, 18:06
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:opensuse:libsolv:*:*:*:*:*:*:*:* | |
CWE | CWE-120 | |
CVSS |
v2 : v3 : |
v2 : 4.3
v3 : 6.5 |
References | (MISC) https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/PoC-testcase_read-2334 - Exploit, Third Party Advisory | |
References | (MISC) https://github.com/openSUSE/libsolv/issues/416 - Exploit, Issue Tracking, Third Party Advisory |
Information
Published : 2021-05-18 17:15
Updated : 2024-02-04 21:47
NVD link : CVE-2021-3200
Mitre link : CVE-2021-3200
CVE.ORG link : CVE-2021-3200
JSON object : View
Products Affected
opensuse
- libsolv
oracle
- communications_cloud_native_core_policy
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')