CVE-2017-9988

CVE-2017-9988

EPSS 2.0%

The readEncUInt30 function in util/read.c in libming 0.4.8 mishandles memory allocation. A crafted input will lead to a remote denial of service (NULL pointer dereference) attack against parser.c.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/libming/libming/issues/85 https://lists.debian.org/debian-lts-announce/2017/11/msg00022.html https://security.gentoo.org/glsa/201904-24