Lucene search
HistoryFeb 29, 2024 - 1:44 a.m.
CVE-2024-25713
yyjson vulnerability code execution security pool allocator
yyjson through 0.8.0 has a double free, leading to remote code execution in some cases, because the pool_free function lacks loop checks. (pool_free is part of the pool series allocator, along with pool_malloc and pool_realloc.)
References
github.com/ibireme/yyjson/security/advisories/GHSA-q4m7-9pcm-fpxh
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6KQ67T4R7QEWURW5NMCCVLTBASL4ECHE/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NNICQVIF7BRYFWYRL3HPVAJIPXN4OVTX/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TKQPEREDUDKGYJMFNFDQVYCVLWDRO2Y2/
Related
openvas
openvas
Fedora: Security Advisory for yyjson (FEDORA-2024-8c48a81cb9)
2024-05-27 00:00:00
Fedora: Security Advisory for yyjson (FEDORA-2024-ef2e551fab)
2024-05-27 00:00:00
Fedora: Security Advisory for yyjson (FEDORA-2024-4691d60717)
2024-05-27 00:00:00
fedora
fedora
[SECURITY] Fedora 38 Update: yyjson-0.9.0-1.fc38
2024-04-17 02:12:26
[SECURITY] Fedora 40 Update: yyjson-0.9.0-1.fc40
2024-04-19 21:43:27
[SECURITY] Fedora 39 Update: yyjson-0.9.0-1.fc39
2024-04-17 02:19:50
prion
prion
Double free
2024-02-29 01:44:00
osv
osv
CVE-2024-25713
2024-02-29 01:44:16
cvelist
cvelist
CVE-2024-25713
2024-02-11 00:00:00
debiancve
debiancve
CVE-2024-25713
2024-02-29 01:44:16
veracode
veracode
Double Free
2024-03-06 05:46:08
nessus
nessus
Fedora 38 : yyjson (2024-4691d60717)
2024-04-17 00:00:00
Fedora 39 : yyjson (2024-ef2e551fab)
2024-04-17 00:00:00
Fedora 40 : yyjson (2024-8c48a81cb9)
2024-04-29 00:00:00
cve
cve
CVE-2024-25713
2024-02-29 01:44:16