PT-2018-12216 · Htslib · Htslib
Fcorleone
·
Published
2018-07-10
·
Updated
2024-08-05
·
CVE-2018-13843
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
HTSlib version 1.8
Description
The issue is a memory leak in the
bgzf getline function in bgzf.c. The software maintainer's position is that the "failure to free memory" can be fixed in applications that use the HTSlib library.Recommendations
For HTSlib version 1.8, consider fixing the memory leak in applications that use the HTSlib library, such as by properly freeing memory in the
bgzf getline function.Exploit
Fix
Missing Release of Resource after Effective Lifetime
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Htslib