|
Bugzilla – Full Text Bug Listing |
| Summary: | VUL-0: CVE-2024-35325: python-ruamel.yaml.clib: libyaml: double-free in yaml_event_delete in /src/libyaml/src/api.c | ||
|---|---|---|---|
| Product: | [Novell Products] SUSE Security Incidents | Reporter: | Camila Camargo de Matos <camila.matos> |
| Component: | Incidents | Assignee: | Security Team bot <security-team> |
| Status: | IN_PROGRESS --- | QA Contact: | Security Team bot <security-team> |
| Severity: | Major | ||
| Priority: | P3 - Medium | CC: | camila.matos, daniel.garcia, security-team, smash_bz |
| Version: | unspecified | ||
| Target Milestone: | --- | ||
| Hardware: | Other | ||
| OS: | Other | ||
| URL: | https://smash.suse.de/issue/410664/ | ||
| Whiteboard: | |||
| Found By: | Security Response Team | Services Priority: | |
| Business Priority: | Blocker: | --- | |
| Marketing QA Status: | --- | IT Deployment: | --- |
| Bug Depends on: | |||
| Bug Blocks: | 1226342 | ||
|
Description
Camila Camargo de Matos
2024-06-14 14:08:27 UTC
See bug #1226342 for a reference link which is the upstream GitHub issue where this possible vulnerability is being discussed. Possibly not a bug, upstream discussion can be found here: https://github.com/yaml/libyaml/issues/298 The code snippet uses the API in a wrong way, calling yaml_event_delete which shouldn't be called. The correct usage is documented here: https://pyyaml.org/wiki/LibYAML In the emitter example there is no usage of yaml_event_delete. yaml_emitter_delete will delete the events itself. See the discussion here: https://github.com/yaml/libyaml/issues/297 I've reviewed the embed code in the package and is not affected at all because it is using the API in the correct way. |