CVE-2019-19334

Published: Dec 6, 2019Modified: Nov 21, 2024

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "identityref". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an attacker to cause a denial of service or possibly gain code execution.

Affected (17)

Products: Cesnet: Libyang · Redhat: Enterprise Linux · Fedoraproject: Fedora

1 product

1 product

Enterprise Linux

1 product

Configuration A

15 vulnerable

Vulnerable Software	Affected Versions
Cesnet Libyang	Version 0.11 r1
Cesnet Libyang	Version 0.11 r2
Cesnet Libyang	Version 0.12 r1
Cesnet Libyang	Version 0.12 r2
Cesnet Libyang	Version 0.13 r1
Cesnet Libyang	Version 0.13 r2
Cesnet Libyang	Version 0.14 r1
Cesnet Libyang	Version 0.15 r1
Cesnet Libyang	Version 0.16 r1
Cesnet Libyang	Version 0.16 r2
Cesnet Libyang	Version 0.16 r3
Cesnet Libyang	Version 1.0 r1
Cesnet Libyang	Version 1.0 r2
Cesnet Libyang	Version 1.0 r3
Cesnet Libyang	Version 1.0 r4

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux	Version 8.0

Configuration C

1 vulnerable

Vulnerable Software	Affected Versions
Fedoraproject Fedora	Version 31

Related CWEs

Stack-based Buffer Overflow

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (10)

https://access.redhat.com/errata/RHSA-2019:4360

Source: secalert@redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19334

Source: secalert@redhat.com

Issue TrackingPatchThird Party Advisory

https://github.com/CESNET/libyang/commit/6980afae2ff9fcd6d67508b0a3f694d75fd059d6

Source: secalert@redhat.com

PatchThird Party Advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PETB6TVMFV5KUD4IKVP2JPLBCYHUGSAJ/

Source: secalert@redhat.com

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RL54JMS7XW7PI6JC4BFSNNLSX5AINQUL/

Source: secalert@redhat.com

https://access.redhat.com/errata/RHSA-2019:4360

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19334

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingPatchThird Party Advisory

https://github.com/CESNET/libyang/commit/6980afae2ff9fcd6d67508b0a3f694d75fd059d6

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PETB6TVMFV5KUD4IKVP2JPLBCYHUGSAJ/

Source: af854a3a-2127-422b-91ae-364da2661108

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RL54JMS7XW7PI6JC4BFSNNLSX5AINQUL/

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.