Vulnerability Details : CVE-2020-11958
re2c 1.3 has a heap-based buffer overflow in Scanner::fill in parse/scanner.cc via a long lexeme.
Vulnerability category: Overflow, Memory Corruption
Products affected by CVE-2020-11958
- cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
- cpe:2.3:a:re2c:re2c:1.3:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-11958
- 0.17%: Probability of exploitation activity in the next 30 days
- ~53%: Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2020-11958
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P | 8.6 | 6.4 | NIST | |
7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 | NIST | |
CWE ids for CVE-2020-11958
- The product writes data past the end, or before the beginning, of the intended buffer. Assigned by: nvd@nist.gov (Primary)
References for CVE-2020-11958
- https://www.openwall.com/lists/oss-security/2020/04/19/1
  oss-security - re2c: heap overflow in Scanner::fill (scanner.cc) (Mailing List; Third Party Advisory)
- http://www.openwall.com/lists/oss-security/2020/04/21/1
  oss-security - Re: re2c: heap overflow in Scanner::fill (scanner.cc) (Mailing List; Third Party Advisory)
- https://github.com/skvadrik/re2c/commit/c4603ba5ce229db83a2a4fb93e6d4b4e3ec3776a
  Fix crash in lexer refill (reported by Agostino Sarubbo). · skvadrik/re2c@c4603ba · GitHub (Patch; Third Party Advisory)
- https://blogs.gentoo.org/ago/2020/04/19/re2c-heap-overflow-in-scannerfill-scanner-cc/
  re2c: heap overflow in Scanner::fill (scanner.cc) | agostino's blog (Third Party Advisory)
- https://usn.ubuntu.com/4338-2/
  USN-4338-2: re2c vulnerability | Ubuntu security notices (Third Party Advisory)
- https://security.gentoo.org/glsa/202007-28
  re2c: Buffer overflow (GLSA 202007-28) — Gentoo security (Third Party Advisory)
- https://usn.ubuntu.com/4338-1/
  USN-4338-1: re2c vulnerability | Ubuntu security notices (Third Party Advisory)