CVE-2018-17942

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2018-17942

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-17942.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2018-17942

Related

MGASA-2019-0022

Published

2018-10-03T08:29:00Z

Modified

2025-01-15T01:40:20.089129Z

Downstream

DLA-1543-1

Severity

8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

The converttodecimal function in vasnprintf.c in Gnulib before 2018-09-23 has a heap-based buffer overflow because memory is not allocated for a trailing '\0' character during %f processing.

References

Affected packages

Debian:11 / gnulib

Package

Name: gnulib
Purl: pkg:deb/debian/gnulib?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

20140202+stable-3.1

Ecosystem specific

{
    "urgency": "low"
}

Debian:12 / gnulib

Package

Name: gnulib
Purl: pkg:deb/debian/gnulib?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

20140202+stable-3.1

Ecosystem specific

{
    "urgency": "low"
}

Debian:13 / gnulib

Package

Name: gnulib
Purl: pkg:deb/debian/gnulib?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

20140202+stable-3.1

Ecosystem specific

{
    "urgency": "low"
}

Git / github.com/coreutils/gnulib

Affected ranges

Type: GIT
Repo: https://github.com/coreutils/gnulib
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

278b4175c9d7dd47c1a3071554aac02add3b3c35

Fixed

278b4175c9d7dd47c1a3071554aac02add3b3c35

Affected versions

Other

CPPI-1_10

CPPI-1_8

CPPI-1_9

EMACS_20_2

EMACS_20_4

EMACS_21_1

EMACS_PRETEST_21_0_103

EMACS_PRETEST_21_0_95

FILEUTILS-3_12a

FILEUTILS-3_12f

FILEUTILS-3_12g

FILEUTILS-3_12j

FILEUTILS-3_12l

FILEUTILS-3_12m

FILEUTILS-3_12r

FILEUTILS-3_12s

FILEUTILS-3_13

FILEUTILS-3_13c

FILEUTILS-3_13f

FILEUTILS-3_13g

FILEUTILS-3_13h

FILEUTILS-3_13j

FILEUTILS-3_13k

FILEUTILS-3_14b

FILEUTILS-3_16g

FILEUTILS-3_16h

FILEUTILS-3_16i

FILEUTILS-3_16j

FILEUTILS-3_16k

FILEUTILS-3_16l

FILEUTILS-3_16m

FILEUTILS-3_16n

FILEUTILS-3_16p

FILEUTILS-3_16q

FILEUTILS-3_16r

FILEUTILS-3_16s

FILEUTILS-3_16t

FILEUTILS-3_16u

FILEUTILS-3_16v

FILEUTILS-3_16w

FILEUTILS-3_16x

FILEUTILS-3_16z

FILEUTILS-3_8_3b

FILEUTILS-4_0

FILEUTILS-4_0-b2

FILEUTILS-4_0-b3

FILEUTILS-4_0-b4

FILEUTILS-4_0-b6

FILEUTILS-4_0-b7

FILEUTILS-4_0-pre1

FILEUTILS-4_0_27

FILEUTILS-4_0_28

FILEUTILS-4_0_29

FILEUTILS-4_0_30

FILEUTILS-4_0_31

FILEUTILS-4_0_32

FILEUTILS-4_0_33

FILEUTILS-4_0_34

FILEUTILS-4_0_35

FILEUTILS-4_0_36

FILEUTILS-4_0_37

FILEUTILS-4_0_38

FILEUTILS-4_0_39

FILEUTILS-4_0_41

FILEUTILS-4_0_42

FILEUTILS-4_0_43

FILEUTILS-4_0_45

FILEUTILS-4_0e

FILEUTILS-4_0f

FILEUTILS-4_0g

FILEUTILS-4_0i

FILEUTILS-4_0j-trial

FILEUTILS-4_0k

FILEUTILS-4_0l

FILEUTILS-4_0m

FILEUTILS-4_0q

FILEUTILS-4_0r

FILEUTILS-4_0s

FILEUTILS-4_0t

FILEUTILS-4_0u

FILEUTILS-4_0v

FILEUTILS-4_0w

FILEUTILS-4_0x

FILEUTILS-4_0y

FILEUTILS-4_0z

FILEUTILS-4_1-b1

FILEUTILS-4_1-b2

FILEUTILS-4_1-b3

FILEUTILS-4_1_1

FILEUTILS-4_1_2

FILEUTILS-4_1_3

FILEUTILS-4_1_4

FILEUTILS-4_1_5

FILEUTILS-4_1_6

FILEUTILS-4_1_7

FILEUTILS-4_1_8

FILEUTILS-4_1_9

RMAIL-MBOX-BASE

SH-UTILS-1_12a

SH-UTILS-1_12d

SH-UTILS-1_12f

SH-UTILS-1_12g

SH-UTILS-1_12o

SH-UTILS-1_12p

SH-UTILS-1_12r

SH-UTILS-1_12t

SH-UTILS-1_14

SH-UTILS-1_15

SH-UTILS-1_15a

SH-UTILS-1_16

SH-UTILS-1_16a

SH-UTILS-1_16b

SH-UTILS-1_16c

SH-UTILS-1_16d

SH-UTILS-1_16f

SH-UTILS-1_16h

SH-UTILS-1_16k

SH-UTILS-1_16m

SH-UTILS-2_0

SH-UTILS-2_0_11

SH-UTILS-2_0_12

SH-UTILS-2_0a

SH-UTILS-2_0b

SH-UTILS-2_0c

SH-UTILS-2_0d

SH-UTILS-2_0e

SH-UTILS-2_0f

SH-UTILS-2_0g

SH-UTILS-2_0h

SH-UTILS-2_0i

SH-UTILS-2_0j

TEXTUTILS-1_13

TEXTUTILS-1_13g

TEXTUTILS-1_13i

TEXTUTILS-1_13j

TEXTUTILS-1_14

TEXTUTILS-1_14a

TEXTUTILS-1_14b

TEXTUTILS-1_14c

TEXTUTILS-1_14d

TEXTUTILS-1_18

TEXTUTILS-1_18e

TEXTUTILS-1_19d

TEXTUTILS-1_19g

TEXTUTILS-1_19m

TEXTUTILS-1_19n

TEXTUTILS-1_19o

TEXTUTILS-1_19q

TEXTUTILS-1_19r

TEXTUTILS-1_20a

TEXTUTILS-1_20b

TEXTUTILS-1_21a

TEXTUTILS-1_22a

TEXTUTILS-1_22c

TEXTUTILS-1_22d

TEXTUTILS-1_22f

TEXTUTILS-1_22g

TEXTUTILS-1_22h

TEXTUTILS-1_22i

TEXTUTILS-1_22j

TEXTUTILS-1_22k

TEXTUTILS-1_22l

TEXTUTILS-1_22m

TEXTUTILS-1_22n

TEXTUTILS-1_22o

TEXTUTILS-1_22p

TEXTUTILS-1_22q

TEXTUTILS-1_8b

TEXTUTILS-2_0

TEXTUTILS-2_0_10

TEXTUTILS-2_0_12

TEXTUTILS-2_0_15

TEXTUTILS-2_0_16

TEXTUTILS-2_0_17

TEXTUTILS-2_0_18

TEXTUTILS-2_0_19

TEXTUTILS-2_0_20

TEXTUTILS-2_0_21

TEXTUTILS-2_0_8

TEXTUTILS-2_0_9

TEXTUTILS-2_0a

TEXTUTILS-2_0c

TEXTUTILS-2_0e

TEXTUTILS-2_0f

TEXTUTILS-2_0g

ctype-fix

cvs-readonly

emacs-unicode-base

kfs_20030524_pre

lexbind-before-merge-20030404

merge-with-1_9_4k

post-jumbo-LFS

pre-getopt

pre-jumbo-LFS

pre-version

raeburn-tag-4-for-export

ss-940725-22h45

ss-950520-08h12-sync-tu

ss-950614-22h58-1_11_5a

textutils-1_12_1

version-3_4_2-to-fsf

version-3_4_4-tentative

v0.*

v0.0

v0.1