CVE-2019-6138

HIGH

Mz-automation Libiec61850 - Memory Leak

Title source: rule

Description

An issue has been found in libIEC61850 v1.3.1. Memory_malloc and Memory_calloc in hal/memory/lib_memory.c have memory leaks when called from mms/iso_mms/common/mms_value.c, server/mms_mapping/mms_mapping.c, and server/mms_mapping/mms_sv.c (via common/string_utilities.c), as demonstrated by iec61850_9_2_LE_example.c.

References (1)

Scores

CVSS v3 7.5
EPSS 0.0033
EPSS Percentile 55.9%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Classification

CWE
CWE-401
Status published

Affected Products (1)

mz-automation/libiec61850

Timeline

Published Jan 11, 2019
Tracked Since Feb 18, 2026