Lucene search

K
cnvdChina National Vulnerability DatabaseCNVD-2022-15949
HistoryFeb 23, 2022 - 12:00 a.m.

libsolv buffer overflow vulnerability

2022-02-2300:00:00
China National Vulnerability Database
www.cnvd.org.cn
21
libsolv
buffer overflow
resolve_dependencies
denial of service
vulnerability

EPSS

0.005

Percentile

76.5%

libsolv is a library for checking package dependencies. libsolv suffers from a buffer overflow vulnerability that stems from two heap overflow vulnerabilities in the resolve_dependencies function in src/solver.c in the decision mapping variable, which can be exploited by an attacker to cause a remote denial of service.