CVE-2018-17294 — Out-of-bounds Read in Liblouis

CWE-125 — Out-of-bounds Read CWE-121 — Stack-based Buffer Overflow10 documents8 sources

Severity

6.5MEDIUMNVD

OSV8.8

EPSS

0.5%

top 33.60%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Liblouis Canonical Ubuntu Linux Opensuse Leap

Timeline

PublishedSep 21

Latest updateMay 14

Description

The matchCurrentInput function inside lou_translateString.c of Liblouis prior to 3.7 does not check the input string's length, allowing attackers to cause a denial of service (application crash via out-of-bounds read) by crafting an input file with certain translation dictionaries.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages4 packages

▶NVDliblouis/liblouis< 3.7.0

▶Debianliblouis/liblouis< 3.7.0-1+3

▶Ubuntuliblouis/liblouis< 2.5.3-2ubuntu1.5+2

▶NVDopensuse/leap15.0

Also affects: Ubuntu Linux 14.04, 16.04, 18.04

Patches

Patch: github.com ↗Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

GHSA-xg7f-9m4r-jh69: The matchCurrentInput function inside lou_translateString↗2022-05-14

▶

OSV

liblouis vulnerabilities↗2018-10-03

▶

CVEList

CVE-2018-17294: The matchCurrentInput function inside lou_translateString↗2018-09-21

▶

OSV

CVE-2018-17294: The matchCurrentInput function inside lou_translateString↗2018-09-21

▶

📋Vendor Advisories

Ubuntu

Liblouis vulnerabilities↗2018-10-03

▶

Red Hat

liblouis: Stack-based buffer over-read in matchCurrentInput function lou_translateString.c↗2018-09-24

▶

Debian

CVE-2018-17294: liblouis - The matchCurrentInput function inside lou_translateString.c of Liblouis prior to...↗2018

▶

💬Community

Bugzilla

CVE-2018-17294 liblouis: Stack-based buffer over-read in matchCurrentInput function lou_translateString.c↗2018-09-25

▶

Bugzilla

CVE-2018-17294 liblouis: Stack-based buffer over-read in matchCurrentInput function lou_translateString.c [fedora-all]↗2018-09-25

▶