Bug 2234472 (CVE-2023-30078) - CVE-2023-30078 libeconf: Stack overflow in function econf_writeFile at libeconf/lib/libeconf.c
Summary: CVE-2023-30078 libeconf: Stack overflow in function econf_writeFile at libeco...
Keywords:
Status: NEW
Alias: CVE-2023-30078
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2234498 2235235 2235237 2235238
Blocks: 2234597
TreeView+ depends on / blocked
 
Reported: 2023-08-24 14:55 UTC by Pedro Sampaio
Modified: 2023-09-22 12:22 UTC (History)
1 user (show)

Fixed In Version: libeconf 0.5.2
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in the libeconf library. This issue occurs when parsing a specially crafted configuration file, causing a stack-based buffer overflow that results in a denial of service.
Clone Of:
Environment:
Last Closed:
Embargoed:


Attachments (Terms of Use)

Description Pedro Sampaio 2023-08-24 14:55:50 UTC
A stack overflow vulnerability exists in function econf_writeFile in file atlibeconf/lib/libeconf.c in libeconf 0.5.1 allows attackers to cause a Denial of service or execute arbitrary code.

References:

https://raw.githubusercontent.com/yangjiageng/PoC/master/libeconf-PoC/tst-write-string-data.c
https://github.com/openSUSE/libeconf/issues/178
https://github.com/yangjiageng/PoC/blob/master/libeconf-PoC/econf_writeFile_546

Comment 2 Sandipan Roy 2023-08-28 05:37:55 UTC
Created libeconf tracking bugs for this issue:

Affects: fedora-all [bug 2235235]


Note You need to log in before you can comment on or make changes to this bug.