The libevt_record_values_read_event() function in libevt_record_values.c in libevt before 2018-03-17 does not properly check for out-of-bounds values of user SID data size, strings size, or data size. NOTE: the vendor has disputed this as described in libyal/libevt issue 5 on GitHub.
"2026-04-11T08:05:26Z"
[
{
"id": "CVE-2018-8754-3f986883",
"signature_version": "v1",
"digest": {
"function_hash": "328806791920141836097821925494888548548",
"length": 13889.0
},
"source": "https://github.com/libyal/libevt/commit/9d2cc3ca0a1612a6b271abcacffc2e3eea42925e",
"deprecated": false,
"target": {
"function": "libevt_record_values_read_event",
"file": "libevt/libevt_record_values.c"
},
"signature_type": "Function"
},
{
"id": "CVE-2018-8754-5dc3ebe1",
"signature_version": "v1",
"digest": {
"line_hashes": [
"51112617817381470526898075985939226817",
"209814071484798656978334869769637931595",
"334780287653522716604515224877877007187",
"16164736215274873211489266935237958324"
],
"threshold": 0.9
},
"source": "https://github.com/libyal/libevt/commit/9d2cc3ca0a1612a6b271abcacffc2e3eea42925e",
"deprecated": false,
"target": {
"file": "libevt/libevt_libfvalue.h"
},
"signature_type": "Line"
},
{
"id": "CVE-2018-8754-f73e86b8",
"signature_version": "v1",
"digest": {
"line_hashes": [
"92799791960137351700281435855772586932",
"145652949093903814047424564394699575725",
"274370936226901950082546298069264639947",
"323513851127216338183618064940517795907",
"228446764750223997884533712165541632311",
"242499523647841374905494021408114950863",
"192277143567889843270626008936986180065",
"55192203568652503674044929168672209345",
"6933495259059970773535786024409536809",
"12313788311176403137741611854858197723",
"255884067066237272731947449442511904746",
"55192203568652503674044929168672209345",
"124600398839188082735394436794280254776",
"108190048222500245008484958610157010837",
"84683154876325881690931977953289724673",
"277999817807632283775034675856228038617"
],
"threshold": 0.9
},
"source": "https://github.com/libyal/libevt/commit/9d2cc3ca0a1612a6b271abcacffc2e3eea42925e",
"deprecated": false,
"target": {
"file": "libevt/libevt_record_values.c"
},
"signature_type": "Line"
}
]
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-8754.json"
[
{
"events": [
{
"introduced": "0"
},
{
"fixed": "20180317"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2018-03-17"
}
]
}
]