CVE-2019-6138

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions libIEC61850 version 1.3.1

Description The issue is related to memory leaks in the Memory malloc and Memory calloc functions located in hal/memory/lib memory.c, which are called from several files including mms/iso mms/common/mms value.c, server/mms mapping/mms mapping.c, and server/mms mapping/mms sv.c (via common/string utilities.c). This is demonstrated by the example file iec61850 9 2 LE example.c.

Recommendations For libIEC61850 version 1.3.1, consider applying a patch to fix the memory leaks in the Memory malloc and Memory calloc functions. As a temporary workaround, restrict the use of the Memory malloc and Memory calloc functions until a patch is available.

Exploit

Fix

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-401

Related Identifiers

ALT-PU-2020-3467

ALT-PU-2020-3487

ALT-PU-2024-11160

CVE-2019-6138

Affected Products

Alt Linux

Libiec61850

CVE-2019-6138

Weakness Enumeration

Related Identifiers

Affected Products

References · 3