Description
A denial of service vulnerability exists in fig2dev through 3.28a due to a segfault in the open_stream function in readpics.c.
A flaw was found in fig2dev in the open_stream() function of 'readpics.c'. This flaw allows a local attacker to pass a crafted file to fig2dev, causing a segmentation fault (SEGV) that can lead to a denial of service.
Report
Red Hat Enterprise Linux is not affected by this vulnerability because Red Hat ships fig2dev v3.2.7b and earlier versions, whereas the flaw affects fig2dev v3.2.8a and later versions.
Affected packages
| Platform | Package | State | Recommendation | Release |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | transfig | Not affected | | |
| Red Hat Enterprise Linux 7 | transfig | Not affected | | |
| Red Hat Enterprise Linux 8 | transfig | Not affected | | |
| Red Hat Enterprise Linux 9 | transfig | Not affected | | |
Additional information
Status:
EPSS
CVSS3: 5.5 Medium
Related vulnerabilities
A vulnerability in the open_stream function of fig2dev, a utility for converting files with the .fig extension, related to an out-of-bounds write in a memory buffer, allowing an attacker to cause a denial of service