Your submission was sent successfully! Close

CVE-2017-13741

Published: 29 August 2017

There is a use-after-free in the function compileBrailleIndicator() in compileTranslationTable.c in Liblouis 3.2.0 that will lead to a remote denial of service attack.

Priority

Negligible

CVSS 3 base score: 6.5

Status

Package Release Status
liblouis
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 16.04 ESM (Xenial Xerus) Ignored

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was ignored)

Notes

AuthorNote
ratliff
POC does not crash without ASAN, just errors out
leosilva
changing for ignored since it's ASAN issue

References