CVE-2017-13741

There is a use-after-free in the function compileBrailleIndicator() in compileTranslationTable.c in Liblouis 3.2.0 that will lead to a remote denial of service attack.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.5 MEDIUM
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 41%
Affected Products (NVD)
VendorProductVersion
liblouisliblouis
3.2.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
liblouis
bookworm
3.24.0-1
fixed
bullseye
3.16.0-1
fixed
jessie
no-dsa
sid
3.31.0-2
fixed
trixie
3.31.0-2
fixed
wheezy
no-dsa
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
liblouis
trusty
dne
xenial
ignored
zesty
ignored
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
liblouis-data
suse enterprise desktop 15
3.3.0-2.19
fixed
suse enterprise desktop 15 SP1
3.3.0-4.5.1
fixed
suse enterprise desktop 15 SP2
3.11.0-1.42
fixed
suse enterprise desktop 15 SP3
3.11.0-1.42
fixed
suse enterprise desktop 15 SP4
3.16.1-150400.1.9
fixed
suse enterprise desktop 15 SP5
3.20.0-150400.3.13.1
fixed
suse enterprise desktop 15 SP6
3.25.0-150600.1.3
fixed
suse enterprise desktop 15 SP7
3.25.0-150600.1.3
fixed
suse enterprise sap 12 SP2
2.6.4-6.3.1
fixed
suse enterprise sap 12 SP3
2.6.4-6.3.1
fixed
suse enterprise sap 12 SP5
2.6.4-6.6.1
fixed
suse enterprise sap 15
3.3.0-2.19
fixed
suse enterprise sap 15 SP1
3.3.0-4.5.1
fixed
suse enterprise sap 15 SP2
3.11.0-1.42
fixed
suse enterprise sap 15 SP3
3.11.0-1.42
fixed
suse enterprise sap 15 SP4
3.16.1-150400.1.9
fixed
suse enterprise sap 15 SP5
3.20.0-150400.3.13.1
fixed
suse enterprise sap 15 SP6
3.25.0-150600.1.3
fixed
suse enterprise sap 15 SP7
3.25.0-150600.1.3
fixed
suse enterprise server 12 SP2
2.6.4-6.3.1
fixed
suse enterprise server 12 SP3
2.6.4-6.3.1
fixed
suse enterprise server 12 SP4
2.6.4-6.6.1
fixed
suse enterprise server 12 SP5
2.6.4-6.6.1
fixed
suse enterprise server 15
3.3.0-2.19
fixed
suse enterprise server 15 SP1
3.3.0-4.5.1
fixed
suse enterprise server 15 SP2
3.11.0-1.42
fixed
suse enterprise server 15 SP3
3.11.0-1.42
fixed
suse enterprise server 15 SP4
3.16.1-150400.1.9
fixed
suse enterprise server 15 SP5
3.20.0-150400.3.13.1
fixed
suse enterprise server 15 SP6
3.25.0-150600.1.3
fixed
suse enterprise server 15 SP7
3.25.0-150600.1.3
fixed
liblouis-devel
suse enterprise desktop 15
3.3.0-2.19
fixed
suse enterprise desktop 15 SP1
3.3.0-4.5.1
fixed
suse enterprise desktop 15 SP2
3.11.0-1.42
fixed
suse enterprise desktop 15 SP3
3.11.0-1.42
fixed
suse enterprise desktop 15 SP4
3.16.1-150400.1.9
fixed
suse enterprise desktop 15 SP5
3.20.0-150400.3.13.1
fixed
suse enterprise desktop 15 SP6
3.25.0-150600.1.3
fixed
suse enterprise desktop 15 SP7
3.25.0-150600.1.3
fixed
suse enterprise sap 15
3.3.0-2.19
fixed
suse enterprise sap 15 SP1
3.3.0-4.5.1
fixed
suse enterprise sap 15 SP2
3.11.0-1.42
fixed
suse enterprise sap 15 SP3
3.11.0-1.42
fixed
suse enterprise sap 15 SP4
3.16.1-150400.1.9
fixed
suse enterprise sap 15 SP5
3.20.0-150400.3.13.1
fixed
suse enterprise sap 15 SP6
3.25.0-150600.1.3
fixed
suse enterprise sap 15 SP7
3.25.0-150600.1.3
fixed
suse enterprise server 15
3.3.0-2.19
fixed
suse enterprise server 15 SP1
3.3.0-4.5.1
fixed
suse enterprise server 15 SP2
3.11.0-1.42
fixed
suse enterprise server 15 SP3
3.11.0-1.42
fixed
suse enterprise server 15 SP4
3.16.1-150400.1.9
fixed
suse enterprise server 15 SP5
3.20.0-150400.3.13.1
fixed
suse enterprise server 15 SP6
3.25.0-150600.1.3
fixed
suse enterprise server 15 SP7
3.25.0-150600.1.3
fixed
liblouis14
suse enterprise desktop 15
3.3.0-2.19
fixed
suse enterprise desktop 15 SP1
3.3.0-4.5.1
fixed
suse enterprise sap 15
3.3.0-2.19
fixed
suse enterprise sap 15 SP1
3.3.0-4.5.1
fixed
suse enterprise server 15
3.3.0-2.19
fixed
suse enterprise server 15 SP1
3.3.0-4.5.1
fixed
liblouis19
suse enterprise desktop 15 SP2
3.11.0-1.42
fixed
suse enterprise desktop 15 SP3
3.11.0-1.42
fixed
suse enterprise sap 15 SP2
3.11.0-1.42
fixed
suse enterprise sap 15 SP3
3.11.0-1.42
fixed
suse enterprise server 15 SP2
3.11.0-1.42
fixed
suse enterprise server 15 SP3
3.11.0-1.42
fixed
liblouis20
suse enterprise desktop 15 SP4
3.16.1-150400.1.9
fixed
suse enterprise desktop 15 SP5
3.20.0-150400.3.13.1
fixed
suse enterprise desktop 15 SP6
3.25.0-150600.1.3
fixed
suse enterprise desktop 15 SP7
3.25.0-150600.1.3
fixed
suse enterprise sap 15 SP4
3.16.1-150400.1.9
fixed
suse enterprise sap 15 SP5
3.20.0-150400.3.13.1
fixed
suse enterprise sap 15 SP6
3.25.0-150600.1.3
fixed
suse enterprise sap 15 SP7
3.25.0-150600.1.3
fixed
suse enterprise server 15 SP4
3.16.1-150400.1.9
fixed
suse enterprise server 15 SP5
3.20.0-150400.3.13.1
fixed
suse enterprise server 15 SP6
3.25.0-150600.1.3
fixed
suse enterprise server 15 SP7
3.25.0-150600.1.3
fixed
liblouis9
suse enterprise sap 12 SP2
2.6.4-6.3.1
fixed
suse enterprise sap 12 SP3
2.6.4-6.3.1
fixed
suse enterprise sap 12 SP5
2.6.4-6.6.1
fixed
suse enterprise server 12 SP2
2.6.4-6.3.1
fixed
suse enterprise server 12 SP3
2.6.4-6.3.1
fixed
suse enterprise server 12 SP4
2.6.4-6.6.1
fixed
suse enterprise server 12 SP5
2.6.4-6.6.1
fixed
python-louis
suse enterprise sap 12 SP2
2.6.4-6.3.1
fixed
suse enterprise sap 12 SP3
2.6.4-6.3.1
fixed
suse enterprise sap 12 SP5
2.6.4-6.6.1
fixed
suse enterprise server 12 SP2
2.6.4-6.3.1
fixed
suse enterprise server 12 SP3
2.6.4-6.3.1
fixed
suse enterprise server 12 SP4
2.6.4-6.6.1
fixed
suse enterprise server 12 SP5
2.6.4-6.6.1
fixed
python3-louis
suse enterprise desktop 15
3.3.0-2.19
fixed
suse enterprise desktop 15 SP1
3.3.0-4.5.1
fixed
suse enterprise desktop 15 SP2
3.11.0-1.42
fixed
suse enterprise desktop 15 SP3
3.11.0-1.42
fixed
suse enterprise desktop 15 SP4
3.16.1-150400.1.9
fixed
suse enterprise desktop 15 SP5
3.20.0-150400.3.13.1
fixed
suse enterprise desktop 15 SP6
3.25.0-150600.1.3
fixed
suse enterprise desktop 15 SP7
3.25.0-150600.1.3
fixed
suse enterprise sap 12 SP2
2.6.4-6.3.1
fixed
suse enterprise sap 12 SP3
2.6.4-6.3.1
fixed
suse enterprise sap 12 SP5
2.6.4-6.6.1
fixed
suse enterprise sap 15
3.3.0-2.19
fixed
suse enterprise sap 15 SP1
3.3.0-4.5.1
fixed
suse enterprise sap 15 SP2
3.11.0-1.42
fixed
suse enterprise sap 15 SP3
3.11.0-1.42
fixed
suse enterprise sap 15 SP4
3.16.1-150400.1.9
fixed
suse enterprise sap 15 SP5
3.20.0-150400.3.13.1
fixed
suse enterprise sap 15 SP6
3.25.0-150600.1.3
fixed
suse enterprise sap 15 SP7
3.25.0-150600.1.3
fixed
suse enterprise server 12 SP2
2.6.4-6.3.1
fixed
suse enterprise server 12 SP3
2.6.4-6.3.1
fixed
suse enterprise server 12 SP4
2.6.4-6.6.1
fixed
suse enterprise server 12 SP5
2.6.4-6.6.1
fixed
suse enterprise server 15
3.3.0-2.19
fixed
suse enterprise server 15 SP1
3.3.0-4.5.1
fixed
suse enterprise server 15 SP2
3.11.0-1.42
fixed
suse enterprise server 15 SP3
3.11.0-1.42
fixed
suse enterprise server 15 SP4
3.16.1-150400.1.9
fixed
suse enterprise server 15 SP5
3.20.0-150400.3.13.1
fixed
suse enterprise server 15 SP6
3.25.0-150600.1.3
fixed
suse enterprise server 15 SP7
3.25.0-150600.1.3
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
liblouis
RHEL 7
0:2.5.2-11.el7_4
fixed
liblouis-devel
RHEL 7
0:2.5.2-11.el7_4
fixed
liblouis-doc
RHEL 7
0:2.5.2-11.el7_4
fixed
liblouis-python
RHEL 7
0:2.5.2-11.el7_4
fixed
liblouis-utils
RHEL 7
0:2.5.2-11.el7_4
fixed
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/100607
https://access.redhat.com/errata/RHSA-2017:3111
https://bugzilla.redhat.com/show_bug.cgi?id=1484332
http://www.securityfocus.com/bid/100607
https://access.redhat.com/errata/RHSA-2017:3111
https://bugzilla.redhat.com/show_bug.cgi?id=1484332