MGASA-2020-0266

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2020-0266.html

Import Source

https://advisories.mageia.org/MGASA-2020-0266.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2020-0266

Related

CVE-2019-1010142
CVE-2019-1010262

Published

2020-06-16T07:45:15Z

Modified

2020-06-16T07:10:07Z

Summary

Updated scapy packages fix security vulnerability

Details

Updated scapy packages fix security vulnerabilities:

A vulnerability was found in scapy 2.4.0 and earlier is affected by: Denial of Services. The impact is: busy loop forever. The component is: _RADIUSAttrPacketListField class. The attack vector is: a packet sent over the network or in a pcap (CVE-2019-1010262).

scapy 2.4.0 is affected by: Denial of Service. The impact is: infinite loop, resource consumption and program unresponsive. The component is: _RADIUSAttrPacketListField.getfield(self..). The attack vector is: over the network or in a pcap. both work (CVE-2019-1010142).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:7 / scapy

Package

Name: scapy
Purl: pkg:rpm/mageia/scapy?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.0-3.1.mga7

Ecosystem specific

{
    "section": "core"
}