CVE-2017-13740Improper Restriction of Operations within the Bounds of a Memory Buffer in Liblouis

CWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-121Stack-based Buffer Overflow10 documents8 sources
Severity
8.8HIGHNVD
EPSS
0.4%
top 42.13%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Liblouis
Timeline
PublishedAug 29
Latest updateMay 17

Description

There is a stack-based buffer overflow in Liblouis 3.2.0, triggered in the function parseChars() in compileTranslationTable.c, that will lead to denial of service or possibly unspecified other impact.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

Debianliblouis/liblouis< 3.3.0-1+3

🔴Vulnerability Details

4
GHSA
GHSA-72qw-xhg7-3mhv: There is a stack-based buffer overflow in Liblouis 32022-05-17
OSV
liblouis vulnerabilities2017-09-04
OSV
CVE-2017-13740: There is a stack-based buffer overflow in Liblouis 32017-08-29
CVEList
CVE-2017-13740: There is a stack-based buffer overflow in Liblouis 32017-08-29

📋Vendor Advisories

3
Ubuntu
Liblouis vulnerabilities2017-09-04
Red Hat
liblouis: Stack-buffer overflow in the parseChars() function2017-08-23
Debian
CVE-2017-13740: liblouis - There is a stack-based buffer overflow in Liblouis 3.2.0, triggered in the funct...2017

💬Community

2
Bugzilla
CVE-2017-13738 CVE-2017-13739 CVE-2017-13740 CVE-2017-13741 CVE-2017-13742 CVE-2017-13743 CVE-2017-13744 liblouis: various flaws [fedora-all]2017-09-06
Bugzilla
CVE-2017-13740 liblouis: Stack-buffer overflow in the parseChars() function2017-09-06
CVE-2017-13740 — Liblouis vulnerability | cvebase