Lucene search
Veracode Vulnerability DatabaseVERACODE:36842HistoryAug 30, 2022 - 4:45 a.m.
Heap-based Buffer Overflow
2022-08-3004:45:43
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
12
heap-based buffer overflow
libmodbus.so
modbus_reply function
src/modbus.c
software
null values.
0.001 Low
EPSS
Percentile
26.0%
libmodbus.so is vulnerable to heap-based buffer overflow. The vulnerability exists in modbus_reply function at src/modbus.c because it does not check for the null values earlier. which allows an attacker to cause a buffer overflow.
| CPE | Name | Operator | Version |
|---|---|---|---|
| libmodbus.so | le | 5.1.0 | |
| libmodbus.so | le | 5.1.0 | |
| libmodbus | eq | 3.1.6-r1 | |
| libmodbus:3.16 | eq | 3.1.6-r1 |
References
bugzilla.redhat.com/show_bug.cgi?id=2045571
github.com/advisories/GHSA-w46r-g3fx-q46r
github.com/stephane/libmodbus/commit/b4ef4c17d618eba0adccc4c7d9e9a1ef809fc9b6
github.com/stephane/libmodbus/issues/614
github.com/stephane/libmodbus/releases/tag/v3.1.7
lists.debian.org/debian-lts-announce/2022/09/msg00007.html
www.libmodbus.org/download/
Related
openvas
openvas
Debian: Security Advisory (DLA-3098-1)
2022-09-05 00:00:00
debiancve
debiancve
CVE-2022-0367
2022-08-29 15:15:09
alpinelinux
alpinelinux
CVE-2022-0367
2022-08-29 15:15:09
ubuntucve
ubuntucve
CVE-2022-0367
2022-08-29 00:00:00
prion
prion
Heap overflow
2022-08-29 15:15:00
cve
cve
CVE-2022-0367
2022-08-29 15:15:09
osv
osv
libmodbus - security update
2022-09-04 00:00:00
CVE-2022-0367
2022-08-29 15:15:09
nessus
nessus
Debian DLA-3098-1 : libmodbus - LTS security update
2022-09-06 00:00:00
openSUSE 15 Security Update : libmodbus (openSUSE-SU-2022:10196-1)
2022-11-13 00:00:00
nvd
nvd
CVE-2022-0367
2022-08-29 15:15:09
cvelist
cvelist
CVE-2022-0367
2022-08-29 14:03:05
debian
debian
[SECURITY] [DLA 3098-1] libmodbus security update
2022-09-04 21:56:18