CVE-2018-20533

Impact:
Low
Public Date:
2018-11-22
CWE:
CWE-476
Bugzilla:
1665535: CVE-2018-20533 libsolv: NULL pointer dereference in function testcase_str2dep_complex

The MITRE CVE dictionary describes this issue as:

There is a NULL pointer dereference at ext/testcase.c (function testcase_str2dep_complex) in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service.

Find out more about CVE-2018-20533 from the MITRE CVE dictionary dictionary and NIST NVD.

CVSS v3 metrics

NOTE: The following CVSS v3 metrics and score provided are preliminary and subject to review.

CVSS3 Base Score 3.3
CVSS3 Base Metrics CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Attack Vector Local
Attack Complexity Low
Privileges Required None
User Interaction Required
Scope Unchanged
Confidentiality None
Integrity Impact None
Availability Impact Low

Affected Packages State

Platform Package State
Red Hat Enterprise Linux 8 libsolv Not affected
Red Hat Enterprise Linux 7 libsolv Affected
Last Modified

CVE description copyright © 2017, The MITRE Corporation