CVE-2018-11683

Published: Jun 4, 2018Modified: Nov 21, 2024

8.8

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

Liblouis 3.5.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c, a different vulnerability than CVE-2018-11440.

Affected (6)

Products: Liblouis: Liblouis · Canonical: Ubuntu Linux · Opensuse: Leap

1 product

1 product

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Liblouis Liblouis	Version 3.5.0

Configuration B

4 vulnerable

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Version 14.04
Canonical Ubuntu Linux	Version 16.04
Canonical Ubuntu Linux	Version 17.10
Canonical Ubuntu Linux	Version 18.04

Configuration C

1 vulnerable

Vulnerable Software	Affected Versions
Opensuse Leap	Version 15.0

Related CWEs

CWE-787

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (6)

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00038.html

Source: cve@mitre.org

Third Party Advisory

https://github.com/liblouis/liblouis/issues/591

Source: cve@mitre.org

Issue TrackingThird Party Advisory

https://usn.ubuntu.com/3672-1/

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00038.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://github.com/liblouis/liblouis/issues/591

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingThird Party Advisory

https://usn.ubuntu.com/3672-1/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.