Описание
An issue was discovered in map.c in FreedroidRPG 1.0rc2. It assumes lengths of data sets read from saved game files. It copies data from a file into a fixed-size heap-allocated buffer without size verification, leading to a heap-based buffer overflow.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| freedroidrpg | fixed | 1.0-1 | package | |
| freedroidrpg | no-dsa | bullseye | package | |
| freedroidrpg | no-dsa | buster | package | |
| freedroidrpg | no-dsa | stretch | package | |
| freedroidrpg | end-of-life | jessie | package |
Примечания
https://bugs.freedroid.org/b/issue952
https://bugs.freedroid.org/b/issue967
https://logicaltrust.net/blog/2020/02/freedroid.html
EPSS
Связанные уязвимости
An issue was discovered in map.c in FreedroidRPG 1.0rc2. It assumes lengths of data sets read from saved game files. It copies data from a file into a fixed-size heap-allocated buffer without size verification, leading to a heap-based buffer overflow.
An issue was discovered in map.c in FreedroidRPG 1.0rc2. It assumes lengths of data sets read from saved game files. It copies data from a file into a fixed-size heap-allocated buffer without size verification, leading to a heap-based buffer overflow.
An issue was discovered in map.c in FreedroidRPG 1.0rc2. It assumes lengths of data sets read from saved game files. It copies data from a file into a fixed-size heap-allocated buffer without size verification, leading to a heap-based buffer overflow.
EPSS