Описание
NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1.0.2 and earlier. The vulnerability was fixed in commit ff13abc on the master branch of the libmicrohttpd Git repository, after the v1.0.2 tag. A specially crafted packet sent by an attacker could cause a denial-of-service (DoS) condition.
A null pointer dereference vector has been discovered in GNU libmicrohttpd. A specially crafted packet sent by an attacker could cause a denial-of-service (DoS) in the application using libmicrohttpd.
Отчет
The availability impact of this flaw is limited to applications using libmicrohttpd. Red Hat host operating systems are not at risk.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | libmicrohttpd | Will not fix | ||
| Red Hat Enterprise Linux 6 | libmicrohttpd | Out of support scope | ||
| Red Hat Enterprise Linux 7 | libmicrohttpd | Out of support scope | ||
| Red Hat Enterprise Linux 8 | libmicrohttpd | Not affected | ||
| Red Hat Enterprise Linux 9 | libmicrohttpd | Will not fix | ||
| Red Hat OpenShift Container Platform 4 | rhcos | Will not fix |
Показывать по
Дополнительная информация
Статус:
5.3 Medium
CVSS3
Связанные уязвимости
NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1.0.2 and earlier. The vulnerability was fixed in commit ff13abc on the master branch of the libmicrohttpd Git repository, after the v1.0.2 tag. A specially crafted packet sent by an attacker could cause a denial-of-service (DoS) condition.
NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1.0.2 and earlier. The vulnerability was fixed in commit ff13abc on the master branch of the libmicrohttpd Git repository, after the v1.0.2 tag. A specially crafted packet sent by an attacker could cause a denial-of-service (DoS) condition.
NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1.0.2 and earlier. The vulnerability was fixed in commit ff13abc on the master branch of the libmicrohttpd Git repository, after the v1.0.2 tag. A specially crafted packet sent by an attacker could cause a denial-of-service (DoS) condition.
NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1. ...
NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1.0.2 and earlier. The vulnerability was fixed in commit ff13abc on the master branch of the libmicrohttpd Git repository, after the v1.0.2 tag. A specially crafted packet sent by an attacker could cause a denial-of-service (DoS) condition.
5.3 Medium
CVSS3