CVE-2017-15101

HIGH

liblouis < 2.5.4 - Stack-Based Buffer Overflow in findTable()

Title source: llm

Description

A missing patch for a stack-based buffer overflow in findTable() was found in Red Hat version of liblouis before 2.5.4. An attacker could cause a denial of service condition or potentially even arbitrary code execution.

References (2)

Core 2

Core References

Issue Tracking, Patch, Third Party Advisory x_refsource_confirm

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-15101

Third Party Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2017:3384

Scores

CVSS v3 7.8

EPSS 0.0152

EPSS Percentile 71.4%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-119 CWE-121

Status published

Products (7)

liblouis/liblouis < 2.5.4

redhat/enterprise_linux_desktop 7.0

redhat/enterprise_linux_server 7.0

redhat/enterprise_linux_server_aus 7.4

redhat/enterprise_linux_server_eus 7.4

redhat/enterprise_linux_server_eus 7.5

redhat/enterprise_linux_workstation 7.0

Published Jul 27, 2018

Tracked Since Feb 18, 2026