CyberSec.Space Logo
Back to CVE Browser

CVE-2018-11410

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1090%
EPSS Percentile12.71th
PublishedMay 24, 2018
Last ModifiedNov 21, 2024

Vulnerability Description

An issue was discovered in Liblouis 3.5.0. A invalid free in the compileRule function in compileTranslationTable.c allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.

Affected Platforms (CPE)

πŸ“¦
Liblouis

Liblouis

= 3.5.0
πŸ’»
Canonical

Ubuntu Linux

= 14.04
πŸ’»
Canonical

Ubuntu Linux

= 16.04
πŸ’»
Canonical

Ubuntu Linux

= 17.10
πŸ’»
Canonical

Ubuntu Linux

= 18.04

References & Advisories

πŸ”— http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00038.html
πŸ”— http://www.securityfocus.com/bid/104324
πŸ”— https://bugzilla.redhat.com/show_bug.cgi?id=1582024
πŸ”— https://docs.google.com/document/d/1Uw3D6ECXZr8S2cWOTY81kg6ivv0WpR4kQqxVpUSyGUA/edit?usp=sharing
πŸ”— https://usn.ubuntu.com/3669-1/
πŸ”— http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00038.html
πŸ”— http://www.securityfocus.com/bid/104324
πŸ”— https://bugzilla.redhat.com/show_bug.cgi?id=1582024

Related Vulnerabilities

CVE-2017-137408.8

There is a stack-based buffer overflow in Liblouis 3.2.0, triggered in the function parseChars() in compileTranslationTable.c, tha...

CVE-2017-137388.8

There is an illegal address access in the _lou_getALine function in compileTranslationTable.c:346 in Liblouis 3.2.0.

CVE-2017-137398.8

There is a heap-based buffer overflow that causes a more than two thousand bytes out-of-bounds write in Liblouis 3.2.0, triggered ...

CVE-2018-114408.8

Liblouis 3.5.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c.