Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2019-20398

A NULL pointer dereference is present in libyang before v1.0-r3 in the function lys_extension_instances_free() due to a copy of unresolved extensions in lys_restr_dup(). Applications that use libyang to parse untrusted input yang files may crash.

Published

2020-01-22T22:15:10.627

Last Modified

2024-11-21T04:38:23.490

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.5 (MEDIUM)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:N/I:N/A:P

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL

Exploitability Score

8.6

Impact Score

2.9

Weaknesses

Type: Primary
CWE-476

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	cesnet	libyang	0.11	Yes
Application	cesnet	libyang	0.11	Yes
Application	cesnet	libyang	0.12	Yes
Application	cesnet	libyang	0.12	Yes
Application	cesnet	libyang	0.13	Yes
Application	cesnet	libyang	0.13	Yes
Application	cesnet	libyang	0.14	Yes
Application	cesnet	libyang	0.15	Yes
Application	cesnet	libyang	0.16	Yes
Application	cesnet	libyang	0.16	Yes
Application	cesnet	libyang	0.16	Yes
Application	cesnet	libyang	1.0	Yes
Application	cesnet	libyang	1.0	Yes

References

https://bugzilla.redhat.com/show_bug.cgi?id=1793935 Issue Tracking, Patch, Third Party Advisory ([email protected])
https://github.com/CESNET/libyang/commit/7852b272ef77f8098c35deea6c6f09cb78176f08 Patch ([email protected])
https://github.com/CESNET/libyang/compare/v1.0-r2...v1.0-r3 Third Party Advisory ([email protected])
https://github.com/CESNET/libyang/issues/773 Exploit, Third Party Advisory ([email protected])
https://lists.debian.org/debian-lts-announce/2023/09/msg00019.html ([email protected])
https://bugzilla.redhat.com/show_bug.cgi?id=1793935 Issue Tracking, Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/CESNET/libyang/commit/7852b272ef77f8098c35deea6c6f09cb78176f08 Patch (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/CESNET/libyang/compare/v1.0-r2...v1.0-r3 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/CESNET/libyang/issues/773 Exploit, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2023/09/msg00019.html (af854a3a-2127-422b-91ae-364da2661108)