Описание
gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing '\0' character.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 2.82.1-0ubuntu1 |
| esm-infra-legacy/trusty | needs-triage | |
| esm-infra/bionic | released | 2.56.4-0ubuntu0.18.04.9+esm4 |
| esm-infra/focal | released | 2.64.6-1~ubuntu20.04.8 |
| esm-infra/xenial | released | 2.48.2-0ubuntu4.8+esm4 |
| focal | released | 2.64.6-1~ubuntu20.04.8 |
| jammy | released | 2.72.4-0ubuntu2.4 |
| noble | released | 2.80.0-6ubuntu3.2 |
| oracular | released | 2.82.1-0ubuntu1 |
| plucky | released | 2.82.1-0ubuntu1 |
Показывать по
EPSS
9.8 Critical
CVSS3
Связанные уязвимости
gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing '\0' character.
gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing '\0' character.
gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing '\0' character.
gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one erro ...
EPSS
9.8 Critical
CVSS3