An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-081.
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "binary_name": "libsane-common", "binary_version": "1.0.27-1~experimental3ubuntu2.3" }, { "binary_name": "libsane-dev", "binary_version": "1.0.27-1~experimental3ubuntu2.3" }, { "binary_name": "libsane1", "binary_version": "1.0.27-1~experimental3ubuntu2.3" }, { "binary_name": "libsane1-dbgsym", "binary_version": "1.0.27-1~experimental3ubuntu2.3" }, { "binary_name": "sane-utils", "binary_version": "1.0.27-1~experimental3ubuntu2.3" }, { "binary_name": "sane-utils-dbgsym", "binary_version": "1.0.27-1~experimental3ubuntu2.3" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "binary_name": "libsane", "binary_version": "1.0.29-0ubuntu5.1" }, { "binary_name": "libsane-common", "binary_version": "1.0.29-0ubuntu5.1" }, { "binary_name": "libsane-dbgsym", "binary_version": "1.0.29-0ubuntu5.1" }, { "binary_name": "libsane-dev", "binary_version": "1.0.29-0ubuntu5.1" }, { "binary_name": "libsane1", "binary_version": "1.0.29-0ubuntu5.1" }, { "binary_name": "sane-utils", "binary_version": "1.0.29-0ubuntu5.1" }, { "binary_name": "sane-utils-dbgsym", "binary_version": "1.0.29-0ubuntu5.1" } ] }