CVE-2019-19333

Source
https://nvd.nist.gov/vuln/detail/CVE-2019-19333
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-19333.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2019-19333
Downstream
Published
2019-12-06T16:15:10.827Z
Modified
2025-11-14T09:28:52.291562Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
[none]
Details

All versions of libyang before 1.0-r5 contain a stack-based buffer overflow in the way libyang parses YANG files that contain a leaf of type "bits". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an attacker to cause a denial of service or possibly gain code execution.

References

Affected packages

Git / github.com/cesnet/libyang

Affected ranges

Type
GIT
Repo
https://github.com/cesnet/libyang
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
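Fixed
[no fixed commit shown on this page; per the Details text, 1.0-r5 is the first release outside the affected range]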

Affected versions

v0.*

v0.11-r1
v0.11-r2
v0.12-r1
v0.12-r2
v0.13-r1
v0.13-r2
v0.14-r1
v0.15-r1
v0.16-r1
v0.16-r2
v0.16-r3

v1.*

v1.0-r1
v1.0-r2
v1.0-r3
v1.0-r4

Database specific

vanir_signatures

[
    {
        "target": {
            "file": "src/parser.c"
        },
        "deprecated": false,
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "334471996539810398492372019661608692698",
                "321054351878955075954225498848514426410",
                "330559676876734502436713772992797683414",
                "252560790461031359405142855563144916674",
                "144772618624573536201806274884929000418",
                "264109637968431316713501596108226264326",
                "256436359385121855742879318235101508159",
                "257497894976629936425229006335056081901",
                "100741878158251156117091495233053318482",
                "164910467799438547400572389016680860836",
                "18498944879162834952018040102605963852",
                "74692603639140247032407400404797642411",
                "206905067371627550411298773987938593408",
                "199696630025075120738538754868869500982",
                "143999457789541275777950909101806597706",
                "337123191113408896032731456146724870093",
                "38506470973442490246593208062541369373",
                "232974998945348424596024458348097929279",
                "33927130023216444636510925346833465232",
                "93342640063938535690871158809650766437",
                "293607633712266074747184482139937970392",
                "323492741436382866424156113171179369045",
                "79069849395469332803695034368686753712",
                "191072771502732256344378039616340216304",
                "86287456176921863070614413732721531679",
                "93342640063938535690871158809650766437",
                "289803600205996715864181594020979185868",
                "266531099063554310931482853127352657134",
                "134765870725183274392961611215565285449",
                "129864769303552823223846541708161654256",
                "84349857869984214145950757285860606869",
                "93342640063938535690871158809650766437",
                "2691920860723853517192748457654413921",
                "196160761933978054025555355482189607179",
                "187142566956704064584681507762530907916",
                "116104360919938484163183476330351032945",
                "189158417321900088980703125751826611391",
                "14715710603002107748409467027324862864",
                "21452163599268014496861825430017078390",
                "93342640063938535690871158809650766437",
                "185031130831962799991911909667965746904",
                "217373179414626182112457442904800786364",
                "242718933368251040055759056691687502751",
                "93342640063938535690871158809650766437",
                "169472550621565699607414787057691121952",
                "114347609636665541855332385742691498326",
                "97633593029876905905445754462119764630",
                "67543373166406810932547016329833398560",
                "116801799157631809799463157479327976507",
                "288337918528810625316678962350993551572",
                "269327132366709281352608185703946293415",
                "244650307724943357708315298420783370400",
                "259820417889819695477791206026409639811",
                "83759769623718391944955031035273066796",
                "286537893458745778171946271135314213549",
                "315411243895366700643419144917671348201",
                "320543448377446559693251401697342330377",
                "163087677883701239515719122378178306820",
                "993505327199869251421308039898759985",
                "76968873125642809468597428039919814379",
                "7897699650730424187346960220384900518",
                "86936532195464564834241141806129258475",
                "143012183388028225374918525061846077256",
                "314529518830465321809357797430444363126",
                "81822149721664718623872845796634125694",
                "65629062375420202290516003165472980808",
                "144128200826374910777751276134626966025",
                "59770547100959038519763387218659507729",
                "163084928372717900405270673876217073242",
                "258714099476411362365603515506891067978",
                "200787646273356945741129916356165920740",
                "119876339178894491483853178431736108600",
                "207343411094638613303236621472701580759",
                "91610770683500600195240348424644975375",
                "43860170600015034303926382194242807218",
                "53489379656777685874493989034546079117",
                "307958280951392836544463138929309706422",
                "86772752028097542656483648212070460914",
                "181462016179561410838289068439881708468",
                "286261703346845596981542084356718267946",
                "32031408715641287946078244955786232231",
                "128924447793007793100200597654131317005",
                "28724722652751251309716732377454256305",
                "211478222578490617588045526752786821451",
                "180808194046977130665704230599333404159",
                "50645879730626450926294245922566608010",
                "157349886324739720143881325863232586172",
                "189903354822162031249207651140379387196",
                "152819423249475433864335302985625248373",
                "110421708408951972675076998062725176943",
                "20669784894527800834488827863373749690",
                "123288276936653743816454918314040986396",
                "114261504518443065273442604249227474897",
                "107967203981463349850635056600965859686",
                "158106926903656624197401611929532829826",
                "177411624331497633624319115640760156496",
                "236675276576501684116616238506458937231",
                "310514053558478448191395762883643320879"
            ]
        },
        "signature_version": "v1",
        "source": "https://github.com/cesnet/libyang/commit/f6d684ade99dd37b21babaa8a856f64faa1e2e0d",
        "id": "CVE-2019-19333-54c063a4",
        "signature_type": "Line"
    },
    {
        "target": {
            "file": "src/parser.c",
            "function": "lyp_parse_value"
        },
        "deprecated": false,
        "digest": {
            "length": 15487.0,
            "function_hash": "268564139688612298568166183773794433157"
        },
        "signature_version": "v1",
        "source": "https://github.com/cesnet/libyang/commit/f6d684ade99dd37b21babaa8a856f64faa1e2e0d",
        "id": "CVE-2019-19333-c41275ba",
        "signature_type": "Function"
    },
    {
        "target": {
            "file": "src/parser.c",
            "function": "make_canonical"
        },
        "deprecated": false,
        "digest": {
            "length": 3280.0,
            "function_hash": "181214448536743353973309836363174171853"
        },
        "signature_version": "v1",
        "source": "https://github.com/cesnet/libyang/commit/f6d684ade99dd37b21babaa8a856f64faa1e2e0d",
        "id": "CVE-2019-19333-ebc562fa",
        "signature_type": "Function"
    }
]