Описание
In nDPI through 3.2, ndpi_reset_packet_line_info in lib/ndpi_main.c omits certain reinitialization, leading to a use-after-free.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| ndpi | fixed | 3.4-1 | package | |
| ndpi | not-affected | buster | package | |
| ndpi | not-affected | stretch | package |
Примечания
https://github.com/ntop/nDPI/commit/6a9f5e4f7c3fd5ddab3e6727b071904d76773952 (3.4)
Связанные уязвимости
CVSS3: 9.8
ubuntu
больше 5 лет назад
In nDPI through 3.2, ndpi_reset_packet_line_info in lib/ndpi_main.c omits certain reinitialization, leading to a use-after-free.
CVSS3: 9.8
nvd
больше 5 лет назад
In nDPI through 3.2, ndpi_reset_packet_line_info in lib/ndpi_main.c omits certain reinitialization, leading to a use-after-free.
github
больше 3 лет назад
In nDPI through 3.2, ndpi_reset_packet_line_info in lib/ndpi_main.c omits certain reinitialization, leading to a use-after-free.