ID CVE-2019-3817
Summary A use-after-free flaw has been discovered in libcomps before version 0.1.10 in the way ObjMRTrees are merged. An attacker, who is able to make an application read a crafted comps XML file, may be able to crash the application or execute malicious code.
References
Vulnerable Configurations
  • cpe:2.3:a:rpm:libcomps:0.1.1-1:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:libcomps:0.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:libcomps:0.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:libcomps:0.1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:libcomps:0.1.4-4:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:libcomps:0.1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:libcomps:0.1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:libcomps:0.1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:libcomps:0.1.8:*:*:*:*:*:*:*
  • cpe:2.3:a:rpm:libcomps:0.1.9:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 09-10-2019 - 23:49)
Impact:
Exploitability:
CWE CWE-416
CAPEC
Access
  Vector: NETWORK
  Complexity: MEDIUM
  Authentication: NONE
Impact
  Confidentiality: PARTIAL
  Integrity: PARTIAL
  Availability: PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
redhat via4
advisories
  • bugzilla
    id 1746349
    title with repositories with dots
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 8 is installed
        oval oval:com.redhat.rhba:tst:20193384074
      • OR
        • AND
          • comment libsolv is earlier than 0:0.7.4-3.el8
            oval oval:com.redhat.rhsa:tst:20193583001
          • comment libsolv is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20192290002
        • AND
          • comment libsolv-debugsource is earlier than 0:0.7.4-3.el8
            oval oval:com.redhat.rhsa:tst:20193583003
          • comment libsolv-debugsource is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20193583004
        • AND
          • comment librhsm is earlier than 0:0.0.3-3.el8
            oval oval:com.redhat.rhsa:tst:20193583005
          • comment librhsm is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20193583006
        • AND
          • comment librhsm-debugsource is earlier than 0:0.0.3-3.el8
            oval oval:com.redhat.rhsa:tst:20193583007
          • comment librhsm-debugsource is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20193583008
        • AND
          • comment libcomps is earlier than 0:0.1.11-2.el8
            oval oval:com.redhat.rhsa:tst:20193583009
          • comment libcomps is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20193583010
        • AND
          • comment libcomps-debugsource is earlier than 0:0.1.11-2.el8
            oval oval:com.redhat.rhsa:tst:20193583011
          • comment libcomps-debugsource is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20193583012
        • AND
          • comment libcomps-devel is earlier than 0:0.1.11-2.el8
            oval oval:com.redhat.rhsa:tst:20193583013
          • comment libcomps-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20193583014
        • AND
          • comment python3-libcomps is earlier than 0:0.1.11-2.el8
            oval oval:com.redhat.rhsa:tst:20193583015
          • comment python3-libcomps is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20193583016
        • AND
          • comment createrepo_c is earlier than 0:0.11.0-3.el8
            oval oval:com.redhat.rhsa:tst:20193583017
          • comment createrepo_c is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20193583018
        • AND
          • comment createrepo_c-debugsource is earlier than 0:0.11.0-3.el8
            oval oval:com.redhat.rhsa:tst:20193583019
          • comment createrepo_c-debugsource is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20193583020
        • AND
          • comment createrepo_c-devel is earlier than 0:0.11.0-3.el8
            oval oval:com.redhat.rhsa:tst:20193583021
          • comment createrepo_c-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20193583022
        • AND
          • comment createrepo_c-libs is earlier than 0:0.11.0-3.el8
            oval oval:com.redhat.rhsa:tst:20193583023
          • comment createrepo_c-libs is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20193583024
        • AND
          • comment python3-createrepo_c is earlier than 0:0.11.0-3.el8
            oval oval:com.redhat.rhsa:tst:20193583025
          • comment python3-createrepo_c is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20193583026
        • AND
          • comment dnf-plugins-core is earlier than 0:4.0.8-3.el8
            oval oval:com.redhat.rhsa:tst:20193583027
          • comment dnf-plugins-core is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20193583028
        • AND
          • comment python3-dnf-plugin-versionlock is earlier than 0:4.0.8-3.el8
            oval oval:com.redhat.rhsa:tst:20193583029
          • comment python3-dnf-plugin-versionlock is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20193583030
        • AND
          • comment python3-dnf-plugins-core is earlier than 0:4.0.8-3.el8
            oval oval:com.redhat.rhsa:tst:20193583031
          • comment python3-dnf-plugins-core is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20193583032
        • AND
          • comment yum-utils is earlier than 0:4.0.8-3.el8
            oval oval:com.redhat.rhsa:tst:20193583033
          • comment yum-utils is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20182284054
        • AND
          • comment microdnf is earlier than 0:3.0.1-3.el8
            oval oval:com.redhat.rhsa:tst:20193583035
          • comment microdnf is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20193583036
        • AND
          • comment microdnf-debugsource is earlier than 0:3.0.1-3.el8
            oval oval:com.redhat.rhsa:tst:20193583037
          • comment microdnf-debugsource is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20193583038
        • AND
          • comment dnf is earlier than 0:4.2.7-6.el8
            oval oval:com.redhat.rhsa:tst:20193583039
          • comment dnf is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20193583040
        • AND
          • comment dnf-automatic is earlier than 0:4.2.7-6.el8
            oval oval:com.redhat.rhsa:tst:20193583041
          • comment dnf-automatic is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20193583042
        • AND
          • comment dnf-data is earlier than 0:4.2.7-6.el8
            oval oval:com.redhat.rhsa:tst:20193583043
          • comment dnf-data is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20193583044
        • AND
          • comment python3-dnf is earlier than 0:4.2.7-6.el8
            oval oval:com.redhat.rhsa:tst:20193583045
          • comment python3-dnf is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20193583046
        • AND
          • comment yum is earlier than 0:4.2.7-6.el8
            oval oval:com.redhat.rhsa:tst:20193583047
          • comment yum is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20193583048
        • AND
          • comment librepo is earlier than 0:1.10.3-3.el8
            oval oval:com.redhat.rhsa:tst:20193583049
          • comment librepo is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20193583050
        • AND
          • comment librepo-debugsource is earlier than 0:1.10.3-3.el8
            oval oval:com.redhat.rhsa:tst:20193583051
          • comment librepo-debugsource is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20193583052
        • AND
          • comment python3-librepo is earlier than 0:1.10.3-3.el8
            oval oval:com.redhat.rhsa:tst:20193583053
          • comment python3-librepo is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20193583054
        • AND
          • comment libdnf is earlier than 0:0.35.1-8.el8
            oval oval:com.redhat.rhsa:tst:20193583055
          • comment libdnf is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20193583056
        • AND
          • comment libdnf-debugsource is earlier than 0:0.35.1-8.el8
            oval oval:com.redhat.rhsa:tst:20193583057
          • comment libdnf-debugsource is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20193583058
        • AND
          • comment python3-hawkey is earlier than 0:0.35.1-8.el8
            oval oval:com.redhat.rhsa:tst:20193583059
          • comment python3-hawkey is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20193583060
        • AND
          • comment python3-libdnf is earlier than 0:0.35.1-8.el8
            oval oval:com.redhat.rhsa:tst:20193583061
          • comment python3-libdnf is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20193583062
    rhsa
    id RHSA-2019:3583
    released 2019-11-05
    severity Moderate
    title RHSA-2019:3583: yum security, bug fix, and enhancement update (Moderate)
  • rhsa
    id RHSA-2019:3898
rpms
  • createrepo_c-0:0.11.0-3.el8
  • createrepo_c-debuginfo-0:0.11.0-3.el8
  • createrepo_c-debugsource-0:0.11.0-3.el8
  • createrepo_c-devel-0:0.11.0-3.el8
  • createrepo_c-libs-0:0.11.0-3.el8
  • createrepo_c-libs-debuginfo-0:0.11.0-3.el8
  • dnf-0:4.2.7-6.el8
  • dnf-automatic-0:4.2.7-6.el8
  • dnf-data-0:4.2.7-6.el8
  • dnf-plugins-core-0:4.0.8-3.el8
  • libcomps-0:0.1.11-2.el8
  • libcomps-debuginfo-0:0.1.11-2.el8
  • libcomps-debugsource-0:0.1.11-2.el8
  • libcomps-devel-0:0.1.11-2.el8
  • libdnf-0:0.35.1-8.el8
  • libdnf-debuginfo-0:0.35.1-8.el8
  • libdnf-debugsource-0:0.35.1-8.el8
  • librepo-0:1.10.3-3.el8
  • librepo-debuginfo-0:1.10.3-3.el8
  • librepo-debugsource-0:1.10.3-3.el8
  • librhsm-0:0.0.3-3.el8
  • librhsm-debuginfo-0:0.0.3-3.el8
  • librhsm-debugsource-0:0.0.3-3.el8
  • libsolv-0:0.7.4-3.el8
  • libsolv-debuginfo-0:0.7.4-3.el8
  • libsolv-debugsource-0:0.7.4-3.el8
  • libsolv-demo-debuginfo-0:0.7.4-3.el8
  • libsolv-tools-debuginfo-0:0.7.4-3.el8
  • microdnf-0:3.0.1-3.el8
  • microdnf-debuginfo-0:3.0.1-3.el8
  • microdnf-debugsource-0:3.0.1-3.el8
  • perl-solv-debuginfo-0:0.7.4-3.el8
  • python3-createrepo_c-0:0.11.0-3.el8
  • python3-createrepo_c-debuginfo-0:0.11.0-3.el8
  • python3-dnf-0:4.2.7-6.el8
  • python3-dnf-plugin-versionlock-0:4.0.8-3.el8
  • python3-dnf-plugins-core-0:4.0.8-3.el8
  • python3-hawkey-0:0.35.1-8.el8
  • python3-hawkey-debuginfo-0:0.35.1-8.el8
  • python3-libcomps-0:0.1.11-2.el8
  • python3-libcomps-debuginfo-0:0.1.11-2.el8
  • python3-libdnf-0:0.35.1-8.el8
  • python3-libdnf-debuginfo-0:0.35.1-8.el8
  • python3-librepo-0:1.10.3-3.el8
  • python3-librepo-debuginfo-0:1.10.3-3.el8
  • python3-solv-debuginfo-0:0.7.4-3.el8
  • ruby-solv-debuginfo-0:0.7.4-3.el8
  • yum-0:4.2.7-6.el8
  • yum-utils-0:4.0.8-3.el8
  • libcomps-0:0.1.8-13.el7
  • libcomps-debuginfo-0:0.1.8-13.el7
  • libcomps-devel-0:0.1.8-13.el7
  • libcomps-doc-0:0.1.8-13.el7
  • python-libcomps-doc-0:0.1.8-13.el7
  • python2-libcomps-0:0.1.8-13.el7
refmap via4
confirm
Last major update 09-10-2019 - 23:49
Published 27-03-2019 - 13:29
Last modified 09-10-2019 - 23:49