Linux Distros Unpatched Vulnerability : CVE-2019-17545

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GDAL through 3.0.1 has a poolDestroy double free in OGRExpatRealloc in ogr/ogrexpat.cpp when the 10MB threshold is exceeded. CVE-2019-17545 Note that Nessus...

Vulnerability of the OGRExpatRealloc function in the ogr/ogr_expat.cpp file. The GDAL geospatial transformation library allows a hacker to gain access to confidential data, compromise its integrity, and cause service failures.

Vulnerability of the OGRExpatRealloc function in the ogr/ogrexpat.cpp file. The GDAL geoprocessing library involves repeated memory reclamation. Exploiting this vulnerability may allow a malicious actor to gain access to confidential data, compromise its integrity, and cause service failures...

GDAL Double Release Vulnerability

GDAL is an open source software library for manipulating various raster and vector geospatial data formats. A poolDestroy double-release vulnerability exists in OGRExpatRealloc in ogr/ogrexpat.cpp in GDAL 3.0.1 and earlier when the 10MB threshold is exceeded, and no detailed vulnerability details...

PT-2019-6214 · Osgeo +3 · Gdal +3

Name of the Vulnerable Software and Affected Versions: GDAL versions 3.0.1 and earlier Description: The issue is related to a double free in the OGRExpatRealloc function in the ogr/ogr expat.cpp file of the GDAL library, which occurs when the 10MB threshold is exceeded. This can allow a remote...