2232479 – (CVE-2023-38852) CVE-2023-38852 libxls: heap buffer overflow in xls_parseWorkBook() in xls.c

Bug 2232479 (CVE-2023-38852) - CVE-2023-38852 libxls: heap buffer overflow in xls_parseWorkBook() in xls.c

Summary: CVE-2023-38852 libxls: heap buffer overflow in xls_parseWorkBook() in xls.c

Keywords:
Status:	CLOSED UPSTREAM
Alias:	CVE-2023-38852
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Duplicates (5):	CVE-2023-38851 CVE-2023-38853 CVE-2023-38854 CVE-2023-38855 CVE-2023-38856 (view as bug list)
Depends On:	2232511
Blocks:
TreeView+	depends on / blocked

Reported:	2023-08-17 04:56 UTC by Avinash Hanwate
Modified:	2023-09-01 06:51 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2023-08-17 11:59:08 UTC
Embargoed:

Attachments	(Terms of Use)

Description Avinash Hanwate 2023-08-17 04:56:07 UTC

Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the unicode_decode_wcstombs function in xlstool.c:266.

https://github.com/libxls/libxls/issues/124

Comment 1 Rohit Keshri 2023-08-17 07:58:18 UTC

Created libxls tracking bugs for this issue:

Affects: fedora-all [bug 2232511]

Comment 2 Product Security DevOps Team 2023-08-17 11:59:06 UTC

This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.

Comment 3 TEJ RATHI 2023-09-01 06:51:14 UTC

*** Bug 2236660 has been marked as a duplicate of this bug. ***

Comment 4 TEJ RATHI 2023-09-01 06:51:21 UTC

*** Bug 2236661 has been marked as a duplicate of this bug. ***

Comment 5 TEJ RATHI 2023-09-01 06:51:27 UTC

*** Bug 2236662 has been marked as a duplicate of this bug. ***

Comment 6 TEJ RATHI 2023-09-01 06:51:35 UTC

*** Bug 2236663 has been marked as a duplicate of this bug. ***

Comment 7 TEJ RATHI 2023-09-01 06:51:43 UTC

*** Bug 2236664 has been marked as a duplicate of this bug. ***

Note You need to log in before you can comment on or make changes to this bug.