Bug 1186237 - (CVE-2020-23856) VUL-0: CVE-2020-23856: cflow: Use-after-Free vulnerability in cflow 1.6
Status: NEW
Classification: openSUSE
Product: openSUSE Distribution
Component: Development
Version: Leap 15.2
Hardware: Other Other
Priority: P3 - Medium
Severity: Minor
Target Milestone: ---
Assigned To: Petr Uzel
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/284565/
Reported: 2021-05-19 10:08 UTC by Gianluca Gabrielli
Modified: 2021-05-19 14:44 UTC
Found By: Security Response Team
Description Gianluca Gabrielli 2021-05-19 10:08:53 UTC
CVE-2020-23856

Use-after-Free vulnerability in cflow 1.6 in the void call(char *name, int line)
function at src/parser.c, which could cause a denial of service via the pointer
variable caller->callee.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-23856
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-23856
https://github.com/yangjiageng/PoC/blob/master/PoC_cflow_uaf_parser_line1284
https://lists.gnu.org/archive/html/bug-cflow/2020-07/msg00000.html
Comment 1 Gianluca Gabrielli 2021-05-19 10:13:41 UTC
This might affect the following packages:

 - openSUSE:Factory/cflow     1.6
 - openSUSE:Leap:15.2/cflow   1.5

I've not been able to find any official statement from the cflow devs. I requested additional info from the bug reporter [0].

The last cflow release is version 1.6 (released on February 23, 2019).

[0] https://github.com/yangjiageng/PoC/issues/1