ID:

CVE-2018-20533 (NVD)

- Vulnerability Info (edit)
2018-12-28

There is a NULL pointer dereference at ext/testcase.c (function testcase_str2dep_complex) in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service.

Products Ubuntu_linux, Libsolv
Type NULL Pointer Dereference (CWE-476)
First patch - None (likely due to unavailable code)
Patches https://github.com/openSUSE/libsolv/pull/291
Links https://bugzilla.redhat.com/show_bug.cgi?id=1652599
https://access.redhat.com/errata/RHSA-2019:2290
https://usn.ubuntu.com/3916-1/
Annotation

Note:

No patch was assigned yet.