RSS   Vulnerabilities for 'Libsolv'   RSS

2018-12-28
 
CVE-2018-20534

CWE-399
 

 
** DISPUTED ** There is an illegal address access at ext/testcase.c in libsolv.a in libsolv through 0.7.2 that will cause a denial of service. NOTE: third parties dispute this issue stating that the issue affects the test suite and not the underlying library. It cannot be exploited in any real-world application.

 
 
CVE-2018-20533

CWE-476
 

 
There is a NULL pointer dereference at ext/testcase.c (function testcase_str2dep_complex) in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service.

 
 
CVE-2018-20532

CWE-476
 

 
There is a NULL pointer dereference at ext/testcase.c (function testcase_read) in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service.

 

 >>> Vendor: Opensuse 24 Products
Opensuse
Zypper
Libxcrypt
OSC
SRVX
Evergreen
Libstorage
Libstorage-ng
Suse linux enterprise desktop
Suse linux enterprise server
Suse linux enterprise software development kit
Linux enterprise desktop
Linux enterprise workstation extension
Nonfree
LEAP
Libzypp
Cryptctl
Open build service
Sysconfig
Libsolv
Opensuse leap
Yast2-samba-provision
Yast2-printer
Backports


Copyright 2019, cxsecurity.com

 

Back to Top