ID:

CVE-2018-20534 (NVD)

- Vulnerability Info (edit)
2018-12-28

** DISPUTED ** There is an illegal address access at ext/testcase.c in libsolv.a in libsolv through 0.7.2 that will cause a denial of service. NOTE: third parties dispute this issue stating that the issue affects the test suite and not the underlying library. It cannot be exploited in any real-world application.

Products Ubuntu_linux, Libsolv
Type Resource Management Errors (CWE-399)
First patch - None (likely due to unavailable code)
Patches https://github.com/openSUSE/libsolv/pull/291
Links https://usn.ubuntu.com/3916-1/
https://bugzilla.suse.com/show_bug.cgi?id=1120631
https://access.redhat.com/errata/RHSA-2019:2290
https://bugzilla.redhat.com/show_bug.cgi?id=1652604
Annotation

Note:

No patch was assigned yet.