PT-2020-6698 · Musl Libc +3 · Musl Libc +3

🗓️ 18 Nov 2020 00:00:00Reported by Positive TechnologiesType

Musl libc versions 1.2.1 and earlier have a wcsnrtombs bug causing invalid write and denial of service.

Reporter	Title	Published	Views	Family All 134
IBM Security Bulletins	Security Bulletin: IBM Security QRadar Analyst Workflow add on to IBM QRadar SIEM is vulnerable to using components with known vulnerabilities	27 Jan 202123:48	–	ibm
IBM Security Bulletins	Security Bulletin:Multiple vulnerabilities fixed in IBM Security Verify Bridge - Docker	22 Sep 202122:32	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Security Vulnerabilities affect IBM® Cloud Private	20 Jul 201818:56	–	ibm
AlpineLinux	CVE-2016-8859	13 Feb 201718:00	–	alpinelinux
AlpineLinux	CVE-2017-15650	19 Oct 201723:00	–	alpinelinux
AlpineLinux	CVE-2019-14697	6 Aug 201915:34	–	alpinelinux
AlpineLinux	CVE-2020-28928	24 Nov 202018:01	–	alpinelinux
ArchLinux	musl: arbitrary code execution	31 Mar 201500:00	–	archlinux
ArchLinux	[ASA-201710-28] musl: arbitrary code execution	21 Oct 201700:00	–	archlinux
ArchLinux	[ASA-202011-29] musl: arbitrary code execution	26 Nov 202000:00	–	archlinux

Source	Link
security-tracker	www.security-tracker.debian.org/tracker/DLA-2474-1
ubuntu	www.ubuntu.com/security/CVE-2020-28928
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
security-tracker	www.security-tracker.debian.org/tracker/CVE-2020-28928
errata	www.errata.altlinux.org/ALT-PU-2024-13885
ubuntu	www.ubuntu.com/security/CVE-2019-14697
cve	www.cve.org/CVERecord
oracle	www.oracle.com/security-alerts/cpuoct2021.html
lists	www.lists.fedoraproject.org/archives/list/[email protected]/message/LKQ3RVSMVZNZNO4D65W2CZZ4DMYFZN2Q
musl	www.musl.libc.org/releases.html

17 Oct 2024 00:00Current

7.9High risk

Vulners AI Score7.9

CVSS 3.15.5 - 9.8

CVSS 27.5

CVSS 39.8

EPSS0.00762