Описание
There is a NULL pointer dereference in the caseless_hash function in gxps-archive.c in libgxps 0.2.5. A crafted input will lead to a remote denial of service attack.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| libgxps | fixed | 0.3.0-1 | package | |
| libgxps | no-dsa | stretch | package | |
| libgxps | no-dsa | jessie | package |
Примечания
https://bugzilla.redhat.com/show_bug.cgi?id=1473167
https://bugzilla.gnome.org/show_bug.cgi?id=785479
Fixed by: https://git.gnome.org/browse/libgxps/commit/?id=9d5d2920
EPSS
Связанные уязвимости
There is a NULL pointer dereference in the caseless_hash function in gxps-archive.c in libgxps 0.2.5. A crafted input will lead to a remote denial of service attack.
There is a NULL pointer dereference in the caseless_hash function in gxps-archive.c in libgxps 0.2.5. A crafted input will lead to a remote denial of service attack.
There is a NULL pointer dereference in the caseless_hash function in gxps-archive.c in libgxps 0.2.5. A crafted input will lead to a remote denial of service attack.
There is a NULL pointer dereference in the caseless_hash function in gxps-archive.c in libgxps 0.2.5. A crafted input will lead to a remote denial of service attack.
Уязвимость функции caseless_hash (gxps-archive.c) библиотеки libgxps, позволяющая нарушителю вызвать отказ в обслуживании
EPSS