CVE-2018-16428 - In GNOME GLib 2.56.1, g_markup_parse_context_end_parse() in gmarkup.c has a NULL pointer dereference

CVE-2018-16428

Summary

In GNOME GLib 2.56.1, g_markup_parse_context_end_parse() in gmarkup.c has a NULL pointer dereference.

References

Vulnerable Configurations

cpe:2.3:a:gnome:glib:2.56.1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:glib:2.56.1:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

CVSS

CWE

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

refmap via4

bid	105210
misc	https://gitlab.gnome.org/GNOME/glib/commit/fccef3cc822af74699cca84cd202719ae61ca3b9 https://gitlab.gnome.org/GNOME/glib/issues/1364
mlist	[debian-lts-announce] 20190731 [SECURITY] [DLA 1866-1] glib2.0 security update [oss-security] 20200214 Re: CVE for program distributing vulnerable components ?
ubuntu	USN-3767-1 USN-3767-2

Last major update

31-07-2019 - 21:15

Published

04-09-2018 - 00:29

Last modified

31-07-2019 - 21:15