Bug 1793922 (CVE-2019-20392) - CVE-2019-20392 libyang: invalid memory access when if-feature statement is used inside a list key node
Summary: CVE-2019-20392 libyang: invalid memory access when if-feature statement is us...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2019-20392
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1797547 1797615 1910046
Blocks: 1790579
TreeView+ depends on / blocked
 
Reported: 2020-01-22 09:26 UTC by Riccardo Schirone
Modified: 2021-10-28 10:10 UTC (History)
2 users (show)

Fixed In Version: libyang 1.0-r1
Doc Type: If docs needed, set a value
Doc Text:
An invalid memory access flaw was discovered in libyang in the function resolve_feature_value() when an if-feature statement is used inside a list key node and the feature used is not defined. Applications that use libyang to process untrusted input YANG files may crash.
Clone Of:
Environment:
Last Closed: 2021-10-28 10:10:20 UTC
Embargoed:

Attachments (Terms of Use)

Description Riccardo Schirone 2020-01-22 09:26:44 UTC 
An invalid memory access flaw is present in libyang up to version v1.0-r1 in function resolve_feature_value() when a if-feature statement is used inside a list key node, and the feature used is not defined. Applications that use libyang to parse untrusted input yang files may crash.

Upstream issue:
https://github.com/CESNET/libyang/issues/723

Upstream fix:
https://github.com/CESNET/libyang/commit/32fb4993bc8bb49e93e84016af3c10ea53964be5
Comment 3 Riccardo Schirone 2021-10-28 09:14:31 UTC 
This was actually fixed in RHEL-8.4.0 as part of the libyang rebase in https://access.redhat.com/errata/RHEA-2021:1906 .
Note You need to log in before you can comment on or make changes to this bug.