Описание
BWA (aka Burrow-Wheeler Aligner) before 2019-01-23 has a stack-based buffer overflow in the bns_restore function in bntseq.c via a long sequence name in a .alt file.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| bwa | fixed | 0.7.17-3 | package | |
| bwa | fixed | 0.7.15-2+deb9u1 | stretch | package |
| bwa | not-affected | jessie | package |
Примечания
https://github.com/lh3/bwa/pull/232
https://github.com/lh3/bwa/commit/20d0a13092aa4cb73230492b05f9697d5ef0b88e
Связанные уязвимости
BWA (aka Burrow-Wheeler Aligner) before 2019-01-23 has a stack-based buffer overflow in the bns_restore function in bntseq.c via a long sequence name in a .alt file.
BWA (aka Burrow-Wheeler Aligner) before 2019-01-23 has a stack-based buffer overflow in the bns_restore function in bntseq.c via a long sequence name in a .alt file.
BWA (aka Burrow-Wheeler Aligner) before 2019-01-23 has a stack-based buffer overflow in the bns_restore function in bntseq.c via a long sequence name in a .alt file.
Уязвимость функции bns_restore (bntseq.c) программный пакет для картирования чтений на большие референсные геномы Burrow-Wheeler Aligner, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код