CVE-2020-36148 - log back

CVE-2020-36148 edited at 08 Feb 2021 22:58:39
Severity
- Unknown
+ Low
Remote
- Unknown
+ Local
Type
- Unknown
+ Denial of service
Description
+ Incorrect handling of input data in verifyAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions (e.g. in embedded environments).
References
+ https://github.com/hoene/libmysofa/issues/138
+ https://github.com/hoene/libmysofa/pull/145
+ https://github.com/hoene/libmysofa/pull/145/commits/f082442e42cf1d9e404a36e7c7162867895e2405
+ https://github.com/hoene/libmysofa/pull/145/commits/fc8370c94f15813126f6e92a8561c796abbbd434
Notes
CVE-2020-36148 created at 08 Feb 2021 22:56:11