|
Bugzilla – Full Text Bug Listing |
| Summary: | VUL-0: CVE-2023-30078: libeconf: Stack overflow in function econf_writeFile at atlibeconf/lib/libeconf.c | ||
|---|---|---|---|
| Product: | [Novell Products] SUSE Security Incidents | Reporter: | Stoyan Manolov <stoyan.manolov> |
| Component: | Incidents | Assignee: | Stefan Schubert <schubi> |
| Status: | RESOLVED DUPLICATE | QA Contact: | Security Team bot <security-team> |
| Severity: | Major | ||
| Priority: | P3 - Medium | CC: | andreas.taschner, meissner, security-team, stoyan.manolov |
| Version: | unspecified | ||
| Target Milestone: | --- | ||
| Hardware: | Other | ||
| OS: | Other | ||
| URL: | https://smash.suse.de/issue/376080/ | ||
| Whiteboard: | CVSSv3.1:SUSE:CVE-2023-30078:7.8:(AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) | ||
| Found By: | Security Response Team | Services Priority: | |
| Business Priority: | Blocker: | --- | |
| Marketing QA Status: | --- | IT Deployment: | --- |
|
Description
Stoyan Manolov
2023-08-25 06:24:51 UTC
ok, reopen (In reply to Stoyan Manolov from comment #0) > CVE-2023-30078 > > A stack overflow vulnerability exists in function econf_writeFile in file > atlibeconf/lib/libeconf.c in libeconf 0.5.1 allows attackers to cause a > Denial of service or execute arbitrary code. > > References: > > https://raw.githubusercontent.com/yangjiageng/PoC/master/libeconf-PoC/tst- > write-string-data.c > https://github.com/openSUSE/libeconf/issues/178 This issue has already the Nr. : CVE-2023-32181 So which one shall I use for it ? I will combine the bugs.... *** This bug has been marked as a duplicate of bug 1211078 *** |