CVE-2018-1000052

Priority
Description
fmtlib version prior to version 4.1.0 (before commit
0555cea5fc0bf890afe0071a558e44625a34ba85) contains a Memory corruption
(SIGSEGV), CWE-134 vulnerability in fmt::print() library function that can
result in Denial of Service. This attack appear to be exploitable via
Specifying an invalid format specifier in the fmt::print() function results
in a SIGSEGV (memory corruption, invalid write). This vulnerability appears
to have been fixed in after commit
8cf30aa2be256eba07bb1cefb998c52326e846e7.
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):needs-triage
Ubuntu 18.10 (Cosmic Cuttlefish):needs-triage
Ubuntu 19.04 (Disco Dingo):needs-triage
More Information

Updated: 2019-03-19 11:26:50 UTC (commit 15472795df7e9de45b82f2d36b8b419b939f97b2)