libyal liblnk 20191006 has a heap-based buffer over-read in the networksharenameoffset>20 code block of liblnklocationinformationreaddata in liblnklocation_information.c, a different issue than CVE-2019-17264. NOTE: the vendor has disputed this as described in the GitHub issue