Vulnerability Details CVE-2018-11410
An issue was discovered in Liblouis 3.5.0. A invalid free in the compileRule function in compileTranslationTable.c allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 73.8%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00038.html
- http://www.securityfocus.com/bid/104324
- https://bugzilla.redhat.com/show_bug.cgi?id=1582024
- https://docs.google.com/document/d/1Uw3D6ECXZr8S2cWOTY81kg6ivv0WpR4kQqxVpUSyGUA/edit?usp=sharing
- https://usn.ubuntu.com/3669-1/
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00038.html
- http://www.securityfocus.com/bid/104324
- https://bugzilla.redhat.com/show_bug.cgi?id=1582024
- https://docs.google.com/document/d/1Uw3D6ECXZr8S2cWOTY81kg6ivv0WpR4kQqxVpUSyGUA/edit?usp=sharing
- https://usn.ubuntu.com/3669-1/
Products affected by CVE-2018-11410
-
cpe:2.3:a:liblouis:liblouis:3.5.0
-
cpe:2.3:o:canonical:ubuntu_linux:14.04
-
cpe:2.3:o:canonical:ubuntu_linux:16.04
-
cpe:2.3:o:canonical:ubuntu_linux:17.10
-
cpe:2.3:o:canonical:ubuntu_linux:18.04