PT-2023-4758 · Json-C+3 · Json-C+3

Seviezhou

Publicado

2023-08-22

Atualizado

2025-06-25

CVE-2021-32292

CVSS v2.0

Crítica

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions json-c versions 0.14 through 0.15-20200726

Description A stack-buffer-overflow issue exists in the json parse auxiliary sample program, specifically in the parseit function. This issue is related to a buffer overflow in memory, which can be exploited by a remote attacker to execute arbitrary code.

Recommendations For json-c versions 0.14 through 0.15-20200726, consider disabling the parseit function as a temporary workaround until a patch is available. Restrict access to the json parse auxiliary sample program to minimize the risk of exploitation.

Exploit

Correção

DoS

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-787

Identificadores relacionados

ALT-PU-2023-6479

ALT-PU-2023-6481

ALT-PU-2023-6841

AZL-28060

BDU:2023-05198

BIT-JSON-C-2021-32292

CVE-2021-32292

DSA-5486-1

OESA-2023-1571

OESA-2023-1572

OESA-2023-1573

USN-6310-1

Produtos afetados

Alt Linux

Linuxmint

Ubuntu

Json-C

PT-2023-4758 · Json-C+3 · Json-C+3

CVE-2021-32292

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 27