CVE-2018-14447 in Ubuntu

CVE-2018-14447

Priority

Description

trim_whitespace in lexer.l in libConfuse v3.2.1 has an out-of-bounds read.

Ubuntu-Description

It was discovered that confuse performs an out-of-bounds read operation.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14447
http://hac425.unaux.com/index.php/archives/64/
https://github.com/martinh/libconfuse/issues/109

Notes

Package

Source: confuse (LP Ubuntu Debian)

Upstream:	released (2.7-5+deb8u1, 3.2.1+dfsg-5, 3.2.2+dfgs-1)
Ubuntu 18.04 LTS:	released (3.2.1+dfsg-4ubuntu0.1)
Ubuntu 14.04 ESM:	released (2.7-5+deb8u1build0.14.04.1)

Patches:

Upstream:

https://github.com/martinh/libconfuse/commit/4337f34dc378f4e3a77b44ec0782bd9852ebcd8e

More Information

Updated: 2022-04-13 13:20:33 UTC (commit f411bd370d482ef4385c4e751d121a4055fbc009)