1656213 – (CVE-2018-19760) CVE-2018-19760 libconfuse: memory leak in cfg_init in confuse.c

Bug 1656213 (CVE-2018-19760) - CVE-2018-19760 libconfuse: memory leak in cfg_init in confuse.c

Summary: CVE-2018-19760 libconfuse: memory leak in cfg_init in confuse.c

Keywords:
Status:	CLOSED UPSTREAM
Alias:	CVE-2018-19760
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1656216 1656214 1656215
Blocks:
TreeView+	depends on / blocked

Reported:	2018-12-04 22:51 UTC by Laura Pardo
Modified:	2019-09-29 15:03 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2019-07-12 13:06:22 UTC

Attachments	(Terms of Use)

Description Laura Pardo 2018-12-04 22:51:30 UTC

An issue was found in libConfuse 3.2.2. A memory leak in cfg_init in confuse.c


Refeerences:
https://bugzilla.redhat.com/show_bug.cgi?id=1649152

Comment 1 Laura Pardo 2018-12-04 22:52:01 UTC

Created libconfuse tracking bugs for this issue:

Affects: epel-all [bug 1656216]
Affects: fedora-all [bug 1656215]


Created mingw-libconfuse tracking bugs for this issue:

Affects: fedora-all [bug 1656214]

Comment 2 Gwyn Ciesla 2018-12-05 15:17:55 UTC

Is a patch or upstream bug available?

Comment 3 Product Security DevOps Team 2019-07-12 13:06:22 UTC

ARRAY(0x55ab81a3c990)

Note You need to log in before you can comment on or make changes to this bug.