CVE-2019-20395 : A stack consumption issue is present in libyang before v1.0-r1 due to the self-r

A stack consumption issue is present in libyang before v1.0-r1 due to the self-referential union type containing leafrefs. Applications that use libyang to parse untrusted input yang files may crash.

Published 2020-01-22 22:15:10

Updated 2023-09-19 22:15:10

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2019-20395

Cesnet » Libyang » Version: 0.11 Update R1
cpe:2.3:a:cesnet:libyang:0.11:r1:*:*:*:*:*:*
Matching versions
Cesnet » Libyang » Version: 0.11 Update R2
cpe:2.3:a:cesnet:libyang:0.11:r2:*:*:*:*:*:*
Matching versions
Cesnet » Libyang » Version: 0.12 Update R1
cpe:2.3:a:cesnet:libyang:0.12:r1:*:*:*:*:*:*
Matching versions
Cesnet » Libyang » Version: 0.12 Update R2
cpe:2.3:a:cesnet:libyang:0.12:r2:*:*:*:*:*:*
Matching versions
Cesnet » Libyang » Version: 0.13 Update R1
cpe:2.3:a:cesnet:libyang:0.13:r1:*:*:*:*:*:*
Matching versions
Cesnet » Libyang » Version: 0.13 Update R2
cpe:2.3:a:cesnet:libyang:0.13:r2:*:*:*:*:*:*
Matching versions
Cesnet » Libyang » Version: 0.14 Update R1
cpe:2.3:a:cesnet:libyang:0.14:r1:*:*:*:*:*:*
Matching versions
Cesnet » Libyang » Version: 0.15 Update R1
cpe:2.3:a:cesnet:libyang:0.15:r1:*:*:*:*:*:*
Matching versions
Cesnet » Libyang » Version: 0.16 Update R1
cpe:2.3:a:cesnet:libyang:0.16:r1:*:*:*:*:*:*
Matching versions
Cesnet » Libyang » Version: 0.16 Update R2
cpe:2.3:a:cesnet:libyang:0.16:r2:*:*:*:*:*:*
Matching versions
Cesnet » Libyang » Version: 0.16 Update R3
cpe:2.3:a:cesnet:libyang:0.16:r3:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2019-20395

EPSS FAQ

0.21%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 43 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2019-20395

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
4.3	MEDIUM	AV:N/AC:M/Au:N/C:N/I:N/A:P	8.6	2.9	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial
6.5	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H	2.8	3.6	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: Required Scope: Unchanged Confidentiality: None Integrity: None Availability: High

CWE ids for CVE-2019-20395

CWE-674 Uncontrolled Recursion

The product does not properly control the amount of recursion that takes place, consuming excessive resources, such as allocated memory or the program stack.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2019-20395

https://github.com/CESNET/libyang/issues/724

Segmentation fault due to self-refential union type containing leafrefs · Issue #724 · CESNET/libyang · GitHub
Exploit;Third Party Advisory
https://github.com/CESNET/libyang/compare/v0.16-r3...v1.0-r1

Comparing v0.16-r3...v1.0-r1 · CESNET/libyang · GitHub
Third Party Advisory

CVEs referencing this url
https://github.com/CESNET/libyang/commit/4e610ccd87a2ba9413819777d508f71163fcc237

resovle BUGFIX handle cyclic typedefs with unions · CESNET/libyang@4e610cc · GitHub
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2023/09/msg00019.html

[SECURITY] [DLA 3572-1] libyang security update

CVEs referencing this url
https://bugzilla.redhat.com/show_bug.cgi?id=1793924

1793924 – libyang: stack-overflow when parsing yang files with self-referential union types
Issue Tracking;Third Party Advisory

Jump to

Vulnerability Details : CVE-2019-20395

Products affected by CVE-2019-20395

Exploit prediction scoring system (EPSS) score for CVE-2019-20395

CVSS scores for CVE-2019-20395

CWE ids for CVE-2019-20395

References for CVE-2019-20395