CVE-2018-20549 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Libcaca

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer10 documents6 sources

Severity

8.8HIGHNVD

EPSS

0.9%

top 23.89%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Libcaca Project Libcaca Debian Libcaca Canonical Ubuntu Linux +3 more

Timeline

PublishedDec 28

Latest updateMay 13

Description

There is an illegal WRITE memory access at caca/file.c (function caca_file_read) in libcaca 0.99.beta19.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages4 packages

▶debiandebian/libcaca< libcaca 0.99.beta19-2.1 (bookworm)

▶Debianlibcaca_project/libcaca< 0.99.beta19-2.1+3

▶NVDlibcaca_project/libcaca0.99

▶NVDopensuse/leap15.0

Also affects: Debian Linux 8.0, Fedora 34, 35, 36, Ubuntu Linux 12.04, 14.04, 16.04, 18.04, 18.10

🔴Vulnerability Details

GHSA

GHSA-9r44-h34p-vx3x: There is an illegal WRITE memory access at caca/file↗2022-05-13

▶

OSV

CVE-2018-20549: There is an illegal WRITE memory access at caca/file↗2018-12-28

▶

📋Vendor Advisories

Ubuntu

libcaca vulnerabilities↗2019-01-15

▶

Ubuntu

libcaca vulnerabilities↗2019-01-15

▶

Debian

CVE-2018-20549: libcaca - There is an illegal WRITE memory access at caca/file.c (function caca_file_read)...↗2018

▶

💬Community

Bugzilla

CVE-2018-20549 libcaca: out of bounds write in function caca_file_read in caca/file.c↗2019-03-12

▶

Bugzilla

CVE-2018-20544 CVE-2018-20545 CVE-2018-20546 CVE-2018-20547 CVE-2018-20548 CVE-2018-20549 libcaca: various flaws [fedora-all]↗2019-03-12

▶

Bugzilla

CVE-2018-20544 CVE-2018-20545 CVE-2018-20546 CVE-2018-20547 CVE-2018-20548 CVE-2018-20549 libcaca: various flaws [fedora-all]↗2019-03-12

▶

Bugzilla

CVE-2018-20544 CVE-2018-20545 CVE-2018-20546 CVE-2018-20547 CVE-2018-20548 CVE-2018-20549 libcaca: various flaws [epel-all]↗2019-03-12

▶