Veracode Vulnerability DatabaseVERACODE:43081Denial Of Service (DoS)
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS
Percentile
21.5%
indent is vulnerable to Denial of Service (DoS) attacks. The vulnerability exists in the search_brace function in the indent.c file. The function is responsible for searching for braces in a C code file. The vulnerability occurs when the function fails to properly check the size of the buffer that is used to store the brace information. This can allow an attacker to overflow the buffer and crash the system.
References
ftp.gnu.org/gnu/indent/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3W6SL3NKMH5R4S5PD2O3MTC2UR4SBVHK/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4MIUH3F63KQJWYR3FLKRZUYYRJOY6FYX/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OB6GB6FUFPV5VJAZIANDG4YNNDW6JNXX/
lists.fedoraproject.org/archives/list/[email protected]/message/3W6SL3NKMH5R4S5PD2O3MTC2UR4SBVHK/
lists.fedoraproject.org/archives/list/[email protected]/message/4MIUH3F63KQJWYR3FLKRZUYYRJOY6FYX/
lists.fedoraproject.org/archives/list/[email protected]/message/OB6GB6FUFPV5VJAZIANDG4YNNDW6JNXX/
savannah.gnu.org/bugs/index.php?64503
security-tracker.debian.org/tracker/CVE-2023-40305
Related
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS
Percentile
21.5%