UBUNTU-CVE-2020-36148

Source
https://ubuntu.com/security/CVE-2020-36148
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2020/UBUNTU-CVE-2020-36148.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2020-36148
Related
Published
2021-02-08T21:15:00Z
Modified
2024-11-20T12:25:54Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

Incorrect handling of input data in verifyAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions (e.g. in embedded environments).

References

Affected packages

Ubuntu:Pro:18.04:LTS / libmysofa

Package

Name
libmysofa
Purl
pkg:deb/ubuntu/libmysofa?arch=src?distro=esm-apps/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.6~dfsg0-1
0.6~dfsg0-2
0.6~dfsg0-2ubuntu0.18.04.1
0.6~dfsg0-3+deb10u1build1
0.6~dfsg0-3+deb10u1ubuntu0.1~esm1

Ecosystem specific

{
    "ubuntu_priority": "low"
}

Ubuntu:20.04:LTS / libmysofa

Package

Name
libmysofa
Purl
pkg:deb/ubuntu/libmysofa?arch=src?distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.7~dfsg0-1
0.8~dfsg0-1
0.9~dfsg0-1
0.9.1~dfsg0-1

1.*

1.0~dfsg0-1

Ecosystem specific

{
    "ubuntu_priority": "low"
}

Ubuntu:22.04:LTS / libmysofa

Package

Name
libmysofa
Purl
pkg:deb/ubuntu/libmysofa?arch=src?distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.2~dfsg0-1

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "low",
    "binaries": [
        {
            "binary_version": "1.2~dfsg0-1",
            "binary_name": "libmysofa-dev"
        },
        {
            "binary_version": "1.2~dfsg0-1",
            "binary_name": "libmysofa-utils"
        },
        {
            "binary_version": "1.2~dfsg0-1",
            "binary_name": "libmysofa-utils-dbgsym"
        },
        {
            "binary_version": "1.2~dfsg0-1",
            "binary_name": "libmysofa1"
        },
        {
            "binary_version": "1.2~dfsg0-1",
            "binary_name": "libmysofa1-dbgsym"
        }
    ]
}