CVE-2023-32181

Published: Jun 1, 2023Modified: Jan 10, 2025

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in openSUSE libeconf allows for DoS via malformed configuration files This issue affects libeconf: before 0.5.2.

Affected (1)

Products: Opensuse: Libeconf

Opensuse

1 product

Libeconf

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Opensuse Libeconf	Before 0.5.2

Related CWEs

CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References (5)

https://https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-32181

Source: meissner@suse.de

Broken LinkIssue TrackingVendor Advisory

https://https://github.com/openSUSE/libeconf/issues/178

Source: meissner@suse.de

Broken LinkIssue TrackingVendor Advisory

https://https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-32181

Source: af854a3a-2127-422b-91ae-364da2661108

Broken LinkIssue TrackingVendor Advisory

https://https://github.com/openSUSE/libeconf/issues/178

Source: af854a3a-2127-422b-91ae-364da2661108

Broken LinkIssue TrackingVendor Advisory

https://github.com/openSUSE/libeconf/issues/178

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

Timeline

No history available yet.