Description
The function ext_get_plugin() in libyang <= v1.0.225 does not check whether the value of revision is NULL. If revision is NULL, the call strcmp(revision, ext_plugins[u].revision) will lead to a crash.
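The missing check, shown on a simplified plugin-table lookup. This is an added example, not libyang's own code or its actual fix: the struct, the table contents, and the names `find_plugin` and `str_eq` are hypothetical, and treating a NULL table revision as "matches any revision" is an assumption.

```c
#include <stddef.h>
#include <string.h>

/* Simplified stand-in for a plugin registry; not libyang's real structures. */
struct plugin_entry {
    const char *module;
    const char *name;
    const char *revision;   /* NULL here means "any revision" (assumption) */
    int plugin_id;          /* constructed sample payload */
};

/* Constructed sample table. */
static const struct plugin_entry table[] = {
    { "example-mod", "ext-a", "2020-01-01", 1 },
    { "example-mod", "ext-b", NULL,         2 },
};

/* NULL-safe equality: two NULLs are equal, NULL never equals a string. */
static int str_eq(const char *a, const char *b)
{
    if (a == NULL || b == NULL)
        return a == b;
    return strcmp(a, b) == 0;
}

/* Returns the matching plugin_id, or -1 when nothing matches. */
int find_plugin(const char *module, const char *name, const char *revision)
{
    size_t u;

    if (module == NULL || name == NULL)
        return -1;

    for (u = 0; u < sizeof table / sizeof table[0]; u++) {
        if (strcmp(module, table[u].module) != 0 ||
            strcmp(name, table[u].name) != 0)
            continue;
        /* The unsafe pattern is strcmp(revision, table[u].revision) with a
         * NULL revision: undefined behaviour, in practice a crash.
         * str_eq() keeps the comparison defined for a NULL caller value. */
        if (table[u].revision == NULL || str_eq(revision, table[u].revision))
            return table[u].plugin_id;
    }
    return -1;
}
```
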
Packages
| Package | Status | Fixed version | Release | Type |
|---|---|---|---|---|
| libyang2 | not-affected | | | package |
| libyang | fixed | 3.4.2+dfsg-2 | | package |
| libyang | no-dsa | | bullseye | package |
| libyang | no-dsa | | buster | package |
Notes
https://github.com/CESNET/libyang/issues/1451
https://github.com/CESNET/libyang/commit/59a0bff1a5a2f0a0eac07e4bf94d4aea9dd3708d (v1.0.253)
src:libyang was removed and later re-introduced as src:libyang with version 3
Related vulnerabilities
A vulnerability in the ext_get_plugin() function of Libyang, a parser and toolkit for the YANG data modeling language, related to an unchecked return value, which allows an attacker to cause a denial of service