Null pointer dereference

There is a NULL pointer dereference at ext/testcase.c function testcaseread in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service...

CVE-2018-20534

CVE-2018-20534 refers to an illegal address access in libsolv.a (libsolv) in versions up to 0.7.2, which the sources describe as causing a denial of service. The issue is echoed across multiple advisories (e.g., Ubuntu USN-4851, Oracle Linux ELSA, AlmaLinux ALSA) and is noted in some entries as d...

CVE-2018-20534

There is an illegal address access at ext/testcase.c in libsolv.a in libsolv through 0.7.2 that will cause a denial of service. NOTE: third parties dispute this issue stating that the issue affects the test suite and not the underlying library. It cannot be exploited in any real-world application...

CVE-2018-20533

CVE-2018-20533 is a NULL pointer dereference vulnerability in libsolvext.a (libsolv) affecting libsolv up to version 0.7.2, specifically in ext/testcase.c (testcase_str2dep_complex). Exploitation context and affected packages are evidenced across multiple advisories and Nessus plugins (e.g., Orac...

UBUNTU-CVE-2018-20532

There is a NULL pointer dereference at ext/testcase.c function testcaseread in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service...

UBUNTU-CVE-2018-20534

There is an illegal address access at ext/testcase.c in libsolv.a in libsolv through 0.7.2 that will cause a denial of service. NOTE: third parties dispute this issue stating that the issue affects the test suite and not the underlying library. It cannot be exploited in any real-world application...

Libsolv Illegal Address Access Vulnerability

Libsolv is a free package management library. An illegal address access vulnerability exists in the poolwhatprovides function in src/pool.h in libsolv.a in libsolv 0.7.2 and earlier. An attacker can exploit this vulnerability to cause a denial of service...

UBUNTU-CVE-2018-20533

There is a NULL pointer dereference at ext/testcase.c function testcasestr2depcomplex in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service...

libsolv null pointer dereference vulnerability (CNVD-2019-40948)

Libsolv is a free package management library. A null pointer dereference vulnerability exists in the testcasestr2depcomplex function in ext/testcase.c in libsolvext.a in libsolv 0.7.2 and earlier. An attacker could exploit this vulnerability to cause a denial of service...

Libsolv Null Pointer Dereference Vulnerability

Libsolv is a free package management library. A null pointer dereference vulnerability exists in the testcaseread function in ext/testcase.c in libsolvext.a in libsolv 0.7.2 and earlier. An attacker can exploit this vulnerability to cause a denial of service...

PT-2018-2666 · Opensuse +4 · Libsolv +4

Name of the Vulnerable Software and Affected Versions: libsolv versions through 0.7.2 Description: The issue is related to errors in resource management, specifically in the pool whatprovides function of the libsolv library. It may allow a remote attacker to cause a denial of service. However, it...

openSUSE: Security Advisory for libzypp (openSUSE-SU-2018:2739-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security update for libzypp, zypper (important)

This update for libzypp, zypper, libsolv provides the following fixes: Security fixes in libzypp: - CVE-2018-7685: PackageProvider: Validate RPMs before caching bsc1091624, bsc1088705 - CVE-2017-9269: Be sure bad packages do not stay in the cache bsc1045735 Changes in libzypp: - Update to version...

[SECURITY] Fedora 27 Update: libzypp-16.17.20-1.fc27

libzypp is a library for package management built on top of the libsolv library. It is the foundation for the Zypper package manager...

openSUSE Security Update : libzypp / zypper (openSUSE-2018-1017)

This update for libzypp, zypper, libsolv provides the following fixes : Security fixes in libzypp : - CVE-2018-7685: PackageProvider: Validate RPMs before caching bsc1091624, bsc1088705 - CVE-2017-9269: Be sure bad packages do not stay in the cache bsc1045735 Changes in libzypp : - Update to...

[SECURITY] Fedora 28 Update: libzypp-17.6.2-1.fc28

libzypp is a library for package management built on top of the libsolv library. It is the foundation for the Zypper package manager...