CVE-2018-14447Out-of-bounds Read in Project Libconfuse

CWE-125Out-of-bounds Read7 documents4 sources
Severity
8.8HIGHNVD
EPSS
0.4%
top 36.45%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Debian LinuxLibconfuse Project Libconfuse
Timeline
PublishedJul 20
Latest updateMay 14

Description

trim_whitespace in lexer.l in libConfuse v3.2.1 has an out-of-bounds read.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages1 packages

Also affects: Debian Linux 8.0

Patches

Patch: github.comPatch: github.com

🔴Vulnerability Details

2
GHSA
GHSA-3fcp-jc98-wc37: trim_whitespace in lexer2022-05-14
OSV
CVE-2018-14447: trim_whitespace in lexer2018-07-20

💬Community

4
Bugzilla
CVE-2018-14447 libconfuse: Out-of-bounds read in src/lexer.l:trim_whitespace() [epel-all]2018-07-31
Bugzilla
CVE-2018-14447 libconfuse: Out-of-bounds read in src/lexer.l:trim_whitespace()2018-07-31
Bugzilla
CVE-2018-14447 libconfuse: Out-of-bounds read in src/lexer.l:trim_whitespace() [fedora-all]2018-07-31
Bugzilla
CVE-2018-14447 mingw-libconfuse: libconfuse: Out-of-bounds read in src/lexer.l:trim_whitespace() [fedora-all]2018-07-31