CVE-2020-28928
Published: 24 November 2020
In musl libc through 1.2.1, wcsnrtombs mishandles particular combinations of destination buffer size and source character limit, as demonstrated by an invalid write access (buffer overflow).
Priority
Medium
CVSS 3 base score: 5.5
Status
| Package | Release | Status |
|---|---|---|
|
musl Launchpad, Ubuntu, Debian |
bionic |
Needs triage
|
| focal |
Needs triage
|
|
| groovy |
Ignored
(reached end-of-life)
|
|
| hirsute |
Ignored
(reached end-of-life)
|
|
| impish |
Needs triage
|
|
| jammy |
Needs triage
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Needs triage
|
|
| xenial |
Ignored
(end of standard support, was needs-triage)
|