Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2019-20394

A double-free is present in libyang before v1.0-r3 in the function yyparse() when a type statement in used in a notification statement. Applications that use libyang to parse untrusted input yang files may be vulnerable to this flaw, which would cause a crash or potentially code execution.

Published

2020-01-22T22:15:10.330

Last Modified

2024-11-21T04:38:22.870

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 8.8 (HIGH)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Exploitability Score

8.6

Impact Score

6.4

Weaknesses

Type: Primary
CWE-415

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	cesnet	libyang	0.11	Yes
Application	cesnet	libyang	0.11	Yes
Application	cesnet	libyang	0.12	Yes
Application	cesnet	libyang	0.12	Yes
Application	cesnet	libyang	0.13	Yes
Application	cesnet	libyang	0.13	Yes
Application	cesnet	libyang	0.14	Yes
Application	cesnet	libyang	0.15	Yes
Application	cesnet	libyang	0.16	Yes
Application	cesnet	libyang	0.16	Yes
Application	cesnet	libyang	0.16	Yes
Application	cesnet	libyang	1.0	Yes
Application	cesnet	libyang	1.0	Yes

References

https://bugzilla.redhat.com/show_bug.cgi?id=1793932 Issue Tracking, Patch, Third Party Advisory ([email protected])
https://github.com/CESNET/libyang/commit/6cc51b1757dfbb7cff92de074ada65e8523289a6 Patch, Third Party Advisory ([email protected])
https://github.com/CESNET/libyang/compare/v1.0-r2...v1.0-r3 Third Party Advisory ([email protected])
https://github.com/CESNET/libyang/issues/769 Exploit, Third Party Advisory ([email protected])
https://lists.debian.org/debian-lts-announce/2023/09/msg00019.html ([email protected])
https://bugzilla.redhat.com/show_bug.cgi?id=1793932 Issue Tracking, Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/CESNET/libyang/commit/6cc51b1757dfbb7cff92de074ada65e8523289a6 Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/CESNET/libyang/compare/v1.0-r2...v1.0-r3 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/CESNET/libyang/issues/769 Exploit, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2023/09/msg00019.html (af854a3a-2127-422b-91ae-364da2661108)