Описание
A heap buffer overflow in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-080.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1.0.27-1~experimental3ubuntu2.3 |
| devel | not-affected | 1.0.30-1~experimental2ubuntu1 |
| eoan | ignored | end of life |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/bionic | released | 1.0.27-1~experimental3ubuntu2.3 |
| esm-infra/focal | released | 1.0.29-0ubuntu5.1 |
| esm-infra/xenial | not-affected | code not present |
| focal | released | 1.0.29-0ubuntu5.1 |
| precise/esm | DNE | |
| trusty | ignored | end of standard support |
Показывать по
EPSS
7.9 High
CVSS2
8.8 High
CVSS3
Связанные уязвимости
A heap buffer overflow in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-080.
A heap buffer overflow in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-080.
A heap buffer overflow in SANE Backends before 1.0.30 allows a malicio ...
A heap buffer overflow in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-080.
Уязвимость функции epsonds_net_read компонента epsonds-net.c API устройства сканирования растровых изображений SANE, связанная с записью за границами буфера, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
EPSS
7.9 High
CVSS2
8.8 High
CVSS3