CVE-2019-20367

Published: 08 January 2020

nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a comparison for a symbol name from the string table (strtab).

Priority

Medium

CVSS 3 base score: 9.1

Status

Package Release Status
libbsd
Launchpad, Ubuntu, Debian
Upstream
Released (0.10.0-1)
Ubuntu 18.04 LTS (Bionic Beaver)
Released (0.8.7-1ubuntu0.1)
Ubuntu 16.04 ESM (Xenial Xerus)
Released (0.8.2-1ubuntu0.1)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (0.6.0-2ubuntu1+esm1)
Patches:
Upstream: https://gitlab.freedesktop.org/libbsd/libbsd/commit/9d917aad37778a9f4a96ba358415f077f3f36f3b