SUSE CVE-2023-24056

In pkgconf through 1.9.3, variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconftupleparse. For example, a .pc file containing a few hundred bytes can expand to one billion bytes...

ALPINE-CVE-2023-24056

In pkgconf through 1.9.3, variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconftupleparse. For example, a .pc file containing a few hundred bytes can expand to one billion bytes...

DEBIAN-CVE-2023-24056

In pkgconf through 1.9.3, variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconftupleparse. For example, a .pc file containing a few hundred bytes can expand to one billion bytes...

PT-2023-2539 · Pkgconf +2 · Pkgconf +2

Name of the Vulnerable Software and Affected Versions: pkgconf versions 1.9.3 and earlier Description: The issue is related to the pkgconf tuple parse function in libpkgconf/tuple.c, which can cause an unbounded string expansion due to incorrect checks. This can lead to a denial of service when a...