4 matches found
USN-7752-1: libyang vulnerabilities
It was discovered that libyang incorrectly handled certain memory operations when parsing YANG strings. An attacker could possibly use this issue to cause libyang to crash, resulting in a denial of service...
PT-2020-1242 · Libyang · Libyang
Name of the Vulnerable Software and Affected Versions: libyang versions prior to 1.0-r3 Description: A NULL pointer dereference issue is present in the lys extension instances free function due to a copy of unresolved extensions in lys restr dup. This can cause applications that use libyang to...
libyang: stack-based buffer overflow in make_canonical when identityref leaf type is used
A stack-based buffer overflow flaw was discovered in the way libyang parses YANG files with a leaf of type "identityref". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an attacker to cause a denial of service or execute code...
libyang: stack-based buffer overflow in make_canonical when bits leaf type is used
A stack-based buffer overflow flaw was discovered in the way libyang parses YANG files with a leaf of type "bits". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an attacker to cause a denial of service or execute code...