AZL-7272

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-7272.json

JSON Data

https://api.osv.dev/v1/vulns/AZL-7272

Upstream

CVE-2010-2891

Published

2010-10-28T00:00:02Z

Modified

2026-04-21T04:33:41.838980Z

Summary

CVE-2010-2891 affecting package libsmi for versions less than 0.4.8-27

Details

Buffer overflow in the smiGetNode function in lib/smi.c in libsmi 0.4.8 allows context-dependent attackers to execute arbitrary code via an Object Identifier (aka OID) represented as a numerical string containing many components separated by . (dot) characters.

References

https://nvd.nist.gov/vuln/detail/CVE-2010-2891

Affected packages

Azure Linux:2 / libsmi

Package

Name: libsmi
Purl: pkg:rpm/azure-linux/libsmi

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.4.8-27

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-7272.json"