Note:
This project will be discontinued after December 13, 2021. [more]
2018-12-22
The igraph_i_strdiff function in igraph_trie.c in igraph through 0.7.1 has an NULL pointer dereference that allows attackers to cause a denial of service (application crash) via a crafted object.
Products | Igraph |
Type | NULL Pointer Dereference (CWE-476) |
First patch | - None (likely due to unavailable code) |
Links |
• https://lists.debian.org/debian-lts-announce/2019/12/msg00038.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OWCGXEINKJM3JQUPVCSN4RBTRKWBTYI7/ • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NCGDUNQYLSZLSGN6JJBORVFW46U3A75Y/ • https://github.com/igraph/igraph/issues/1141 |