CVE-2021-3200

Description

Buffer overflow vulnerability in libsolv 2020-12-13 via the Solver * testcase_read(Pool *pool, FILE *fp, const char *testcase, Queue *job, char **resultp, int *resultflagsp function at src/testcase.c: line 2334, which could cause a denial of service

References

https://www.oracle.com/security-alerts/cpuapr2022.html

https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/PoC-testcase_read-2334

https://github.com/openSUSE/libsolv/issues/416

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3