Описание
A global buffer overflow vulnerability was found in the soup_header_name_to_string function in Libsoup. The soup_header_name_to_string function does not validate the name parameter passed in, and directly accesses soup_header_name_strings[name]. The value of name is controllable, when name exceeds the index range of soup_headr_name_string, it will cause an out-of-bounds access.
Меры по смягчению последствий
Currently, no mitigation is available for this vulnerability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | libsoup3 | Fix deferred | ||
| Red Hat Enterprise Linux 6 | libsoup | Out of support scope | ||
| Red Hat Enterprise Linux 7 | libsoup | Out of support scope | ||
| Red Hat Enterprise Linux 8 | libsoup | Fix deferred | ||
| Red Hat Enterprise Linux 9 | libsoup | Fix deferred |
Показывать по
Дополнительная информация
Статус:
5.5 Medium
CVSS3
Связанные уязвимости
Rejected reason: Maintainers have included reasons at https://gitlab.gnome.org/GNOME/libsoup/-/issues/465
Rejected reason: Maintainers have included reasons at https://gitlab.gnome.org/GNOME/libsoup/-/issues/465
A global buffer overflow vulnerability was found in the soup_header_name_to_string function in Libsoup. The `soup_header_name_to_string` function does not validate the `name` parameter passed in, and directly accesses `soup_header_name_strings[name]`. The value of `name` is controllable, when `name` exceeds the index range of `soup_headr_name_string`, it will cause an out-of-bounds access.
5.5 Medium
CVSS3