Published: 08/08/2023 Updated: 07/11/2023

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 0

log_blackbox.c in libqb prior to 2.0.8 allows a buffer overflow via long log messages because the header size is not considered.

Vulnerable Product	Search on Vulmon	Subscribe to Product
clusterlabs libqb

Synopsis Moderate: libqb security update Type / Sévérité Security Advisory: Moderate Analyse des correctifs dans Red Hat Insights Identifiez et remédiez aux systèmes concernés par cette alerte Voir les systèmes concernés Sujet An update for libqb is now available for Red Hat Enterprise Linux 92 Extended Update SupportRed ...

Synopsis Moderate: libqb security update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for libqb is now available for Red Hat Enterprise Linux 90 Extended Update SupportRed Hat Product Security has rated this ...

DescriptionThe MITRE CVE dictionary describes this issue as: log_blackboxc in libqb before 208 allows a buffer overflow via long log messages because the header size is not considered ...

CWE-120 https://github.com/ClusterLabs/libqb/pull/490 https://github.com/ClusterLabs/libqb/commit/1bbaa929b77113532785c408dd1b41cd0521ffc8 https://github.com/ClusterLabs/libqb/compare/v2.0.7...v2.0.8 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KECNF7LFBPE57XSBT6EM7ACVMIBP63WH/https://access.redhat.com/errata/RHSA-2023:7376 https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2023-39976

CVE-2023-39976

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect