Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2021-30184 - log back

CVE-2021-30184 edited at 07 Apr 2021 17:06:02

Severity

-	Unknown
+	Medium

Remote

-	Unknown
+	Local

Type

-	Unknown
+	Arbitrary code execution

Description

+	GNU Chess 6.2.7 allows attackers to execute arbitrary code via crafted PGN (Portable Game Notation) data. This is related to a buffer overflow in the use of a .tmp.epd temporary file in the cmd_pgnload and cmd_pgnreplay functions in frontend/cmd.cc.

References

+	https://lists.gnu.org/archive/html/bug-gnu-chess/2021-04/msg00000.html
+	https://lists.gnu.org/archive/html/bug-gnu-chess/2021-04/txtJ07eHdR0m6.txt

Notes

CVE-2021-30184 created at 07 Apr 2021 17:05:00