A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in openSUSE libeconf leads to DoS via malformed config files. This issue affects libeconf: before 0.5.2. References: https://github.com/openSUSE/libeconf/issues/177 https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-22652 Upstream patch: https://github.com/openSUSE/libeconf/pull/183
Created libeconf tracking bugs for this issue: Affects: fedora-all [bug 2212464]
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:4347 https://access.redhat.com/errata/RHSA-2023:4347
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2023-22652