Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2017-5357

Опубликовано: 17 фев. 2017
Источник: debian

Описание

regex.c in GNU ed before 1.14.1 allows attackers to cause a denial of service (crash) via a malformed command, which triggers an invalid free.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
ednot-affectedpackage

Примечания

  • https://www.openwall.com/lists/oss-security/2017/01/12/5

  • The issue is only present from 1.14 onwards, and prior to 1.14.1 since upstream

  • changed a malloc'ed buffer for a static one.

  • https://lists.gnu.org/archive/html/bug-ed/2017-01/msg00001.html

Связанные уязвимости

ubuntu логотип

CVE-2017-5357

CVSS3: 7.5
ubuntu
почти 9 лет назад

regex.c in GNU ed before 1.14.1 allows attackers to cause a denial of service (crash) via a malformed command, which triggers an invalid free.

redhat логотип

CVE-2017-5357

CVSS3: 3.3
redhat
около 9 лет назад

regex.c in GNU ed before 1.14.1 allows attackers to cause a denial of service (crash) via a malformed command, which triggers an invalid free.

nvd логотип

CVE-2017-5357

CVSS3: 7.5
nvd
почти 9 лет назад

regex.c in GNU ed before 1.14.1 allows attackers to cause a denial of service (crash) via a malformed command, which triggers an invalid free.

suse-cvrf логотип

SUSE-SU-2020:1608-1

suse-cvrf
больше 5 лет назад

Security update for ed

suse-cvrf логотип

SUSE-SU-2019:14005-1

suse-cvrf
почти 7 лет назад

Security update for ed