Bug 1793934 (CVE-2019-20391) - CVE-2019-20391 libyang: invalid memory access in resolve_feature_value() when a if-feature is used inside a bit
Summary: CVE-2019-20391 libyang: invalid memory access in resolve_feature_value() when...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2019-20391
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1797551 1797621 1910046
Blocks: 1790579
TreeView+ depends on / blocked
 
Reported: 2020-01-22 09:59 UTC by Riccardo Schirone
Modified: 2021-10-28 10:10 UTC (History)
2 users (show)

Fixed In Version: libyang 1.0-r3
Doc Type: If docs needed, set a value
Doc Text:
An invalid memory access flaw occurs in libyang in the function resolve_feature_value() when an if-feature statement is used inside a bit. Applications that use libyang to process untrusted input YANG files may crash.
Clone Of:
Environment:
Last Closed: 2021-10-28 10:10:40 UTC
Embargoed:


Attachments (Terms of Use)

Description Riccardo Schirone 2020-01-22 09:59:33 UTC
An invalid memory access flaw is present in libyang up to version v1.0-r3 in function resolve_feature_value() when a if-feature statement is used inside a bit. Applications that use libyang to parse untrusted input yang files may crash.

Upstream fix:
https://github.com/CESNET/libyang/commit/bdb596ddc07596fa212f231135b87d0b9178f6f8

Upstream issue:
https://github.com/CESNET/libyang/issues/772

Comment 1 Riccardo Schirone 2020-02-03 11:48:25 UTC
Created libyang tracking bugs for this issue:

Affects: fedora-all [bug 1797551]


Note You need to log in before you can comment on or make changes to this bug.