Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
GHSL-2023-011: Out-of-bounds read when decoding
Out-of-bounds read when decoding target information (GHSL-2023-011) Fixes defect GHSL-2023-011 found by the GitHub Security Lab team via oss-fuzz. The lenght of the av_pair is not checked properly for two of the elements. In case the lenght is shorter than requires this may cause an out-of-bound read that either reads garbage or may cause a crash by reading unmapped memory. This can be exploited to crash the service causing a DoS. Signed-off-by: Simo Sorce <simo@redhat.com>
- Loading branch information