libyang.so is vulnerable to Denial of Service (DoS) attacks. A malicious user is able to cause a NULL pointer dereference via the function lys_parse_mem
in lys_parse_mem.c
, causing the application to crash.
CPE | Name | Operator | Version |
---|---|---|---|
libyang.so | le | 2.29.2 | |
libyang.so | le | 2.29.2 |
github.com/CESNET/libyang/commit/dc668d296f9f05aeab6315d44cff3208641e3096
github.com/CESNET/libyang/issues/1979
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6NQZHCJG3SBMFOQNIPRZGKDK3ARHLTTB/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2VWGCMYKQH4BTFEHX5VYEXXOPIKKFHS/
lists.fedoraproject.org/archives/list/[email protected]/message/6NQZHCJG3SBMFOQNIPRZGKDK3ARHLTTB/
lists.fedoraproject.org/archives/list/[email protected]/message/U2VWGCMYKQH4BTFEHX5VYEXXOPIKKFHS/