In unixODBC before 2.3.5, there is a buffer overflow in the unicodetoansicopy() function in DriverManager/_info.c.
{ "priority_reason": "One-byte buffer overflow that isn't attacker controlled, DoS only", "ubuntu_priority": "low", "binaries": [ { "binary_name": "libodbc1", "binary_version": "2.2.14p2-5ubuntu5+esm1" }, { "binary_name": "libodbc1-dbgsym", "binary_version": "2.2.14p2-5ubuntu5+esm1" }, { "binary_name": "odbcinst", "binary_version": "2.2.14p2-5ubuntu5+esm1" }, { "binary_name": "odbcinst-dbgsym", "binary_version": "2.2.14p2-5ubuntu5+esm1" }, { "binary_name": "odbcinst1debian2", "binary_version": "2.2.14p2-5ubuntu5+esm1" }, { "binary_name": "odbcinst1debian2-dbgsym", "binary_version": "2.2.14p2-5ubuntu5+esm1" }, { "binary_name": "unixodbc", "binary_version": "2.2.14p2-5ubuntu5+esm1" }, { "binary_name": "unixodbc-dbgsym", "binary_version": "2.2.14p2-5ubuntu5+esm1" }, { "binary_name": "unixodbc-dev", "binary_version": "2.2.14p2-5ubuntu5+esm1" } ], "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro" }
{ "priority_reason": "One-byte buffer overflow that isn't attacker controlled, DoS only", "ubuntu_priority": "low", "binaries": [ { "binary_name": "libodbc1", "binary_version": "2.3.1-4.1ubuntu0.1~esm1" }, { "binary_name": "libodbc1-dbgsym", "binary_version": "2.3.1-4.1ubuntu0.1~esm1" }, { "binary_name": "odbcinst", "binary_version": "2.3.1-4.1ubuntu0.1~esm1" }, { "binary_name": "odbcinst-dbgsym", "binary_version": "2.3.1-4.1ubuntu0.1~esm1" }, { "binary_name": "odbcinst1debian2", "binary_version": "2.3.1-4.1ubuntu0.1~esm1" }, { "binary_name": "odbcinst1debian2-dbgsym", "binary_version": "2.3.1-4.1ubuntu0.1~esm1" }, { "binary_name": "unixodbc", "binary_version": "2.3.1-4.1ubuntu0.1~esm1" }, { "binary_name": "unixodbc-dbgsym", "binary_version": "2.3.1-4.1ubuntu0.1~esm1" }, { "binary_name": "unixodbc-dev", "binary_version": "2.3.1-4.1ubuntu0.1~esm1" } ], "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro" }
{ "priority_reason": "One-byte buffer overflow that isn't attacker controlled, DoS only", "ubuntu_priority": "low", "binaries": [ { "binary_name": "libodbc1", "binary_version": "2.3.4-1.1ubuntu3" }, { "binary_name": "libodbc1-dbgsym", "binary_version": "2.3.4-1.1ubuntu3" }, { "binary_name": "odbcinst", "binary_version": "2.3.4-1.1ubuntu3" }, { "binary_name": "odbcinst-dbgsym", "binary_version": "2.3.4-1.1ubuntu3" }, { "binary_name": "odbcinst1debian2", "binary_version": "2.3.4-1.1ubuntu3" }, { "binary_name": "odbcinst1debian2-dbgsym", "binary_version": "2.3.4-1.1ubuntu3" }, { "binary_name": "unixodbc", "binary_version": "2.3.4-1.1ubuntu3" }, { "binary_name": "unixodbc-dbgsym", "binary_version": "2.3.4-1.1ubuntu3" }, { "binary_name": "unixodbc-dev", "binary_version": "2.3.4-1.1ubuntu3" } ], "availability": "No subscription required" }