CVE-2020-36149

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2020-36149

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-36149.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2020-36149

Downstream

DEBIAN-CVE-2020-36149

UBUNTU-CVE-2020-36149

openSUSE-SU-2021:0444-1

openSUSE-SU-2021:0459-1

openSUSE-SU-2024:10960-1

Related

Published

2021-02-08T21:15:13Z

Modified

2025-09-19T12:17:29.331185Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

Incorrect handling of input data in changeAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions (e.g. in embedded environments).

References

Affected packages

Git / github.com/hoene/libmysofa

Affected ranges

Type: GIT
Repo: https://github.com/hoene/libmysofa
Events: Introduced

65d92e6463537c9f7907b69c2c768a7c8c3a02b5

Last affected

cc9831fd5b20be4624f4df379b3e18fadf45aca0

Affected versions

v0.*

v0.5

v0.6

v0.7

v0.8

v0.9

v0.9.1

v1.*

v1.0

v1.1