CVE-2021-33928

Published: 02 September 2021

Buffer overflow vulnerability in function pool_installable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service.

Priority

Medium

CVSS 3 base score: 7.5

Status

Package Release Status
libsolv
Launchpad, Ubuntu, Debian
Upstream
Released (0.7.17-1)
Ubuntu 21.10 (Impish Indri) Not vulnerable

Ubuntu 21.04 (Hirsute Hippo) Not vulnerable
(0.7.17-1)
Ubuntu 20.04 LTS (Focal Fossa) Needed

Ubuntu 18.04 LTS (Bionic Beaver) Needed

Ubuntu 16.04 ESM (Xenial Xerus) Ignored
(out of standard support)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist