CVE-2018-20547 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Libcaca
CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer11 documents6 sources
Severity
8.1HIGHNVD
OSV5.5
EPSS
1.0%
top 22.91%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedDec 28
Latest updateMay 13
Description
There is an illegal READ memory access at caca/dither.c (function get_rgba_default) in libcaca 0.99.beta19 for 24bpp data.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:HExploitability: 2.8 | Impact: 5.2
Affected Packages5 packages
Also affects: Debian Linux 8.0, Fedora 34, 35, 36, Ubuntu Linux 12.04, 14.04, 16.04, 18.04, 18.10
Patches
🔴Vulnerability Details
3📋Vendor Advisories
3💬Community
4Bugzilla▶
CVE-2018-20544 CVE-2018-20545 CVE-2018-20546 CVE-2018-20547 CVE-2018-20548 CVE-2018-20549 libcaca: various flaws [fedora-all]↗2019-03-12
Bugzilla▶
CVE-2018-20544 CVE-2018-20545 CVE-2018-20546 CVE-2018-20547 CVE-2018-20548 CVE-2018-20549 libcaca: various flaws [fedora-all]↗2019-03-12
Bugzilla▶
CVE-2018-20547 libcaca: out of bounds read in function get_rgba_default in caca/dither.c for 24bpp data↗2019-03-12
Bugzilla▶
CVE-2018-20544 CVE-2018-20545 CVE-2018-20546 CVE-2018-20547 CVE-2018-20548 CVE-2018-20549 libcaca: various flaws [epel-all]↗2019-03-12