CVE-2020-29362

Опубликовано: 16 дек. 2020

Источник: ubuntu

Приоритет: medium

CVSS2: 5

CVSS3: 5.3

Описание

An issue was discovered in p11-kit 0.21.1 through 0.23.21. A heap-based buffer over-read has been discovered in the RPC protocol used by thep11-kit server/remote commands and the client library. When the remote entity supplies a byte array through a serialized PKCS#11 function call, the receiving entity may allow the reading of up to 4 bytes of memory past the heap allocation.

Релиз	Статус	Примечание
bionic	released	0.23.9-2ubuntu0.1
devel	released	0.23.22-1
esm-infra-legacy/trusty	not-affected	code not present
esm-infra/bionic	released	0.23.9-2ubuntu0.1
esm-infra/focal	released	0.23.20-1ubuntu0.1
esm-infra/xenial	released	0.23.2-5~ubuntu16.04.2
focal	released	0.23.20-1ubuntu0.1
groovy	released	0.23.21-2ubuntu0.1
hirsute	released	0.23.22-1
impish	released	0.23.22-1

Показывать по

Ссылки на источники

5 Medium

CVSS2

5.3 Medium

CVSS3

Связанные уязвимости

CVE-2020-29362

CVSS3: 5.3

redhat

около 5 лет назад

CVE-2020-29362

CVSS3: 5.3

nvd

около 5 лет назад

CVE-2020-29362

CVSS3: 5.3

msrc

около 5 лет назад

An issue was discovered in p11-kit 0.21.1 through 0.23.21. A heap-based buffer over-read has been discovered in the RPC protocol used by thep11-kit server/remote commands and the client library. When the remote entity supplies a byte array through a serialized PKCS#11 function call the receiving entity may allow the reading of up to 4 bytes of memory past the heap allocation.

CVE-2020-29362

CVSS3: 5.3

debian

около 5 лет назад

An issue was discovered in p11-kit 0.21.1 through 0.23.21. A heap-base ...

SUSE-SU-2022:2871-1

suse-cvrf

больше 3 лет назад

Security update for p11-kit

5 Medium

CVSS2

5.3 Medium

CVSS3

CVE-2020-29362

Описание

Пакет p11-kit

Ссылки на источники

Связанные уязвимости