exploitDog

CVE-2020-36404

Опубликовано: 01 июл. 2021

Источник: nvd

CVSS3: 7.8

CVSS2: 6.8

EPSS Низкий

Описание

Keystone Engine 0.9.2 has an invalid free in llvm_ks::SmallVectorImpl<llvm_ks::MCFixup>::~SmallVectorImpl.

Ссылки

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22371
Exploit
Issue Tracking
Patch
Third Party Advisory
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/keystone/OSV-2020-1506.yaml
Third Party Advisory
https://github.com/keystone-engine/keystone/releases
Release Notes
Third Party Advisory
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22371
Exploit
Issue Tracking
Patch
Third Party Advisory
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/keystone/OSV-2020-1506.yaml
Third Party Advisory
https://github.com/keystone-engine/keystone/releases
Release Notes
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:keystone-engine:keystone:0.9.2:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

EPSS

Процентиль: 57%

0.00354

Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-763

Связанные уязвимости

GHSA-w4h7-3hcx-qgv6

github

больше 3 лет назад

Keystone Engine 0.9.2 has an invalid free in llvm_ks::SmallVectorImpl<llvm_ks::MCFixup>::~SmallVectorImpl.

EPSS

Процентиль: 57%

0.00354

Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-763