CVE-2018-20230 (NVD)

2018-12-19

An issue was discovered in PSPP 1.2.0. There is a heap-based buffer overflow at the function read_bytes_internal in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact.

Products Pspp
Type Out-of-bounds Write (CWE-787)
First patch - None (likely due to unavailable code)
Links https://bugzilla.redhat.com/show_bug.cgi?id=1660318