Lucene search
Veracode Vulnerability DatabaseVERACODE:42957HistoryAug 25, 2023 - 6:10 a.m.
Denial Of Service (DoS)
2023-08-2506:10:14
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13
denial of service
libeconf.so
stack overflow
application crash
arbitrary code
libeconf.so is vulnerable to Denial Of Service (DoS). The vulnerability exists in the econf_writeFile function at libeconf.c due to a stack overflow error which allows an attacker to cause an application crash, or execute arbitrary code.
References
github.com/advisories/GHSA-j9r5-cg9x-96c5
github.com/openSUSE/libeconf/commit/8d086dfc69d4299e55e4844e3573b3a4cf420f19
github.com/openSUSE/libeconf/issues/178
github.com/yangjiageng/PoC/blob/master/libeconf-PoC/econf_writeFile_546
raw.githubusercontent.com/yangjiageng/PoC/master/libeconf-PoC/tst-write-string-data.c
Related
redhatcve
redhatcve
CVE-2023-30078
2023-08-24 15:19:09
debiancve
debiancve
CVE-2023-30078
2023-08-22 19:16:00
ubuntucve
ubuntucve
CVE-2023-30078
2023-08-22 00:00:00
cvelist
cvelist
CVE-2023-30078
1976-01-01 00:00:00
prion
prion
Stack overflow in Opensuse - Libeconf
2023-08-22 19:16:00
nvd
nvd
CVE-2023-30078
2023-08-22 19:16:36
cve
cve
CVE-2023-30078
2023-08-22 19:16:36
osv
osv
CVE-2023-30078
2023-08-22 19:16:36
Security update for libeconf
2024-07-12 13:00:51
openvas
openvas
openSUSE: Security Advisory for libeconf (SUSE-SU-2023:3954-1)
2024-03-04 00:00:00
nessus
nessus
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libeconf (SUSE-SU-2023:3954-1)
2023-10-04 00:00:00
SUSE SLES15 Security Update : libeconf (SUSE-SU-2023:3639-1)
2023-09-19 00:00:00
Related for VERACODE:42957