Bug#960326: json-c: CVE-2020-12762
Hi,
On Mon, May 11, 2020 at 09:55:12PM +0200, Salvatore Bonaccorso wrote:
> Source: json-c
> Version: 0.13.1+dfsg-7
> Severity: important
> Tags: security upstream
> Forwarded: https://github.com/json-c/json-c/pull/592
>
> Hi,
>
> The following vulnerability was published for json-c.
>
> CVE-2020-12762[0]:
> | json-c through 0.14 has an integer overflow and out-of-bounds write
> | via a large JSON file, as demonstrated by printbuf_memappend.
The upstream fix introduces a regression, see in particular
https://github.com/json-c/json-c/issues/599 .
FWIW, Ubuntu has as well reverted the fix, pending further
investigation as per https://usn.ubuntu.com/4360-2/
Regards,
Salvatore
Reply to: