CVE-2020-36149

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2020-36149

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-36149.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2020-36149

Related

Published

2021-02-08T21:15:13Z

Modified

2024-10-12T06:35:04.638949Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

Incorrect handling of input data in changeAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions (e.g. in embedded environments).

References

Affected packages

Debian:11 / libmysofa

Package

Name: libmysofa
Purl: pkg:deb/debian/libmysofa?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.2~dfsg0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / libmysofa

Package

Name: libmysofa
Purl: pkg:deb/debian/libmysofa?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.2~dfsg0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / libmysofa

Package

Name: libmysofa
Purl: pkg:deb/debian/libmysofa?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.2~dfsg0-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/hoene/libmysofa

Affected ranges

Type: GIT
Repo: https://github.com/hoene/libmysofa
Events: Introduced

65d92e6463537c9f7907b69c2c768a7c8c3a02b5

Last affected

cc9831fd5b20be4624f4df379b3e18fadf45aca0

Affected versions

v0.*

v0.5

v0.6

v0.7

v0.8

v0.9

v0.9.1

v1.*

v1.0

v1.1