Описание
The convert_to_decimal function in vasnprintf.c in Gnulib before 2018-09-23 has a heap-based buffer overflow because memory is not allocated for a trailing '\0' character during %f processing.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Ceph Storage 2 | parted | Not affected | ||
| Red Hat Enterprise Linux 5 | coreutils | Not affected | ||
| Red Hat Enterprise Linux 5 | libvirt | Not affected | ||
| Red Hat Enterprise Linux 6 | coreutils | Not affected | ||
| Red Hat Enterprise Linux 6 | libvirt | Not affected | ||
| Red Hat Enterprise Linux 7 | coreutils | Not affected | ||
| Red Hat Enterprise Linux 7 | libvirt | Not affected | ||
| Red Hat Enterprise Linux 8 | coreutils | Not affected | ||
| Red Hat Enterprise Linux 8 | libvirt | Not affected | ||
| Red Hat Storage 3 | nagios-plugins | Affected |
Показывать по
Дополнительная информация
Статус:
EPSS
3.3 Low
CVSS3
Связанные уязвимости
The convert_to_decimal function in vasnprintf.c in Gnulib before 2018-09-23 has a heap-based buffer overflow because memory is not allocated for a trailing '\0' character during %f processing.
The convert_to_decimal function in vasnprintf.c in Gnulib before 2018-09-23 has a heap-based buffer overflow because memory is not allocated for a trailing '\0' character during %f processing.
The convert_to_decimal function in vasnprintf.c in Gnulib before 2018- ...
The convert_to_decimal function in vasnprintf.c in Gnulib before 2018-09-23 has a heap-based buffer overflow because memory is not allocated for a trailing '\0' character during %f processing.
EPSS
3.3 Low
CVSS3