Published: 29/03/2019 Updated: 28/02/2023

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 890

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Subscribe to Burrow-wheeler Aligner Project

BWA (aka Burrow-Wheeler Aligner) prior to 2019-01-23 has a stack-based buffer overflow in the bns_restore function in bntseq.c via a long sequence name in a .alt file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
burrow-wheeler aligner project burrow-wheeler aligner
canonical ubuntu linux 18.04
canonical ubuntu linux 19.04

Debian Bug report logs - #926014 bwa: CVE-2019-10269 Package: bwa; Maintainer for bwa is Debian Med Packaging Team <debian-med-packaging@listsaliothdebianorg>; Source for bwa is src:bwa (PTS, buildd, popcon) Reported by: Markus Koschany <apo@debianorg> Date: Sat, 30 Mar 2019 11:21:02 UTC Severity: important Tags ...

BWA could be made to crash or run programs as your login if it opened a specially crafted file ...

CWE-787 https://github.com/lh3/bwa/pull/232 https://coreymhudson.github.io/bwa_vulnerabilties/https://usn.ubuntu.com/4087-1/https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926014 https://usn.ubuntu.com/4087-1/https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2019-10269

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect