CVE-2021-3410

Published: 23 February 2021

A flaw was found in libcaca v0.99.beta19. A buffer overflow issue in caca_resize function in libcaca/caca/canvas.c may lead to local execution of arbitrary code in the user context.

Priority

Medium

CVSS 3 base score: 7.8

Status

Package Release Status
libcaca
Launchpad, Ubuntu, Debian
Upstream
Released (0.99.beta19-2.2)
Ubuntu 21.04 (Hirsute Hippo)
Released (0.99.beta19-2.2ubuntu1)
Ubuntu 20.10 (Groovy Gorilla) Needed

Ubuntu 20.04 LTS (Focal Fossa) Needed

Ubuntu 18.04 LTS (Bionic Beaver) Needed

Ubuntu 16.04 LTS (Xenial Xerus) Needed

Ubuntu 14.04 ESM (Trusty Tahr) Needed

Patches:
Upstream: https://github.com/cacalabs/libcaca/commit/46b4ea7cea72d6b3ffe65d33e604b1774dcc2bbd
Upstream: https://github.com/cacalabs/libcaca/commit/e4968ba6e93e9fd35429eb16895c785c51072015