Description
In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "identityref". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an attacker to cause a denial of service or possibly gain code execution.
CVSS breakdown
CVSS 3.0
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Affected products
- Red Hat / libyanglibyang all versions before 1.0-r5 – libyang all versions before 1.0-r5
References
- MISChttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19334
- PATCHhttps://github.com/CESNET/libyang/commit/6980afae2ff9fcd6d67508b0a3f694d75fd059d6
- MAILING_LISThttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PETB6TVMFV5KUD4IKVP2JPLBCYHUGSAJ/
- MAILING_LISThttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RL54JMS7XW7PI6JC4BFSNNLSX5AINQUL/
- VENDOR_ADVISORYhttps://access.redhat.com/errata/RHSA-2019:4360