NULL Pointer Dereference Vulnerability in Libsolv by openSUSE
CVE-2018-20532

6.5MEDIUM

Key Information:

Vendor

Opensuse
Status
Libsolv
Vendor
CVE Published:
28 December 2018

What is CVE-2018-20532?

This vulnerability in Libsolv involves a NULL pointer dereference occurring in the testcase_read function of ext/testcase.c. Exploitation of this flaw can lead to unexpected behavior and potentially result in a denial of service, making the affected system unresponsive. Users running Libsolv versions up to 0.7.2 should be particularly vigilant as this issue could compromise the reliability and functionality of their applications.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://github.com/openSUSE/libsolv/pull/291
x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=1652605
x_refsource_MISC
https://usn.ubuntu.com/3916-1/
vendor-advisoryx_refsource_UBUNTU

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.