CVE-2019-19847

CVSS v3.1

8.1

High

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Libspiro versions prior to 20190731

Description The issue is related to a stack-based buffer overflow in the spiro to bpath0() function, located in the spiro.c file. This overflow can potentially lead to an out-of-bounds write.

Recommendations For Libspiro versions prior to 20190731, consider disabling the spiro to bpath0() function as a temporary workaround until a patch is available. Restrict access to the spiro.c module to minimize the risk of exploitation. Avoid using the affected function in critical operations until the issue is resolved.

Exploit

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

ALT-PU-2021-3234

AZL-7273

CVE-2019-19847

OPENSUSE-SU-2024:10996-1

Affected Products

Alt Linux

Libspiro

CVE-2019-19847

Weakness Enumeration

Related Identifiers

Affected Products

References · 10