CVE-2020-36149
MEDIUMlibmysofa 0.5-1.1 - NULL Pointer Dereference in changeAttribute Function
Title source: llmDescription
Incorrect handling of input data in changeAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions (e.g. in embedded environments).
References (2)
Core 2
Core References
Exploit, Third Party Advisory x_refsource_misc
https://github.com/hoene/libmysofa/issues/137
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQLNZOVVONQSZZJHQVZT6NMOUUDMGBBR/
Scores
CVSS v3
6.5
EPSS
0.0115
EPSS Percentile
63.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Details
CWE
CWE-476
Status
published
Products (2)
fedoraproject/fedora
32
symonics/libmysofa
0.5 - 1.1
Published
Feb 08, 2021
Tracked Since
Feb 18, 2026