An untrusted pointer dereference flaw was found in Perl-DBI < 1.643. A local attacker who is able to manipulate calls to dbd_db_login6_sv() could cause memory corruption, affecting the service's availability.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=1877402 | Issue Tracking Third Party Advisory |
https://metacpan.org/pod/distribution/DBI/Changes#Changes-in-DBI-1.643 | Release Notes Third Party Advisory |
https://usn.ubuntu.com/4503-1/ | Third Party Advisory |
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00067.html | Third Party Advisory |
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00074.html | Mailing List Third Party Advisory |
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXLKODJ7B57GITDEZZXNSHPK4VBYXYHR/ | Mailing List Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2020/09/msg00026.html | Mailing List Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Information
Published : 2020-09-16 06:15
Updated : 2021-10-19 06:44
NVD link : CVE-2020-14392
Mitre link : CVE-2020-14392
JSON object : View
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Products Affected
fedoraproject
- fedora
canonical
- ubuntu_linux
opensuse
- leap
debian
- debian_linux
perl
- database_interface