CVE-2020-28951

Published: Nov 19, 2020Modified: Nov 21, 2024

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

libuci in OpenWrt before 18.06.9 and 19.x before 19.07.5 may encounter a use after free when using malicious package names. This is related to uci_parse_package in file.c and uci_strdup in util.c.

Affected (2)

Products: Openwrt: Openwrt

Openwrt

1 product

Openwrt

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Openwrt Openwrt	Before 18.06.9
Openwrt Openwrt	From 19.07.0 to 19.07.5

Related CWEs

CWE-416

Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

References (6)

https://git.openwrt.org/?p=openwrt/openwrt.git%3Ba=commit%3Bh=5625f5bc36954d644cb80adf8de47854c65d91c3

Source: cve@mitre.org

https://git.openwrt.org/?p=openwrt/openwrt.git%3Ba=log%3Bh=refs/tags/v18.06.9

Source: cve@mitre.org

https://git.openwrt.org/?p=project/uci.git%3Ba=commit%3Bh=a3e650911f5e6f67dcff09974df3775dfd615da6

Source: cve@mitre.org

https://git.openwrt.org/?p=openwrt/openwrt.git%3Ba=commit%3Bh=5625f5bc36954d644cb80adf8de47854c65d91c3

Source: af854a3a-2127-422b-91ae-364da2661108

https://git.openwrt.org/?p=openwrt/openwrt.git%3Ba=log%3Bh=refs/tags/v18.06.9

Source: af854a3a-2127-422b-91ae-364da2661108

https://git.openwrt.org/?p=project/uci.git%3Ba=commit%3Bh=a3e650911f5e6f67dcff09974df3775dfd615da6

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.