CVE-2019-25051

objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::dup_top (called from acommon::StringMap::add and acommon::Config::lookup_list).
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 14%
Affected Products (NVD)
VendorProductVersion
gnuaspell
0.60.8
debiandebian_linux
9.0
debiandebian_linux
10.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
aspell
bookworm
0.60.8-4
fixed
bullseye
0.60.8-3
fixed
sid
0.60.8.1-1
fixed
trixie
0.60.8.1-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
aspell
bionic
Fixed 0.60.7~20110707-4ubuntu0.2
released
focal
Fixed 0.60.8-1ubuntu0.1
released
groovy
ignored
hirsute
Fixed 0.60.8-2ubuntu0.1
released
impish
Fixed 0.60.8-3
released
jammy
Fixed 0.60.8-3
released
trusty
Fixed 0.60.7~20110707-1ubuntu1+esm2
released
xenial
Fixed 0.60.7~20110707-3ubuntu0.1+esm1
released
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
aspell
suse enterprise desktop 15 SP2
0.60.8-3.3.1
fixed
suse enterprise desktop 15 SP3
0.60.8-3.3.1
fixed
suse enterprise desktop 15 SP4
0.60.8-3.3.1
fixed
suse enterprise desktop 15 SP5
0.60.8-3.3.1
fixed
suse enterprise desktop 15 SP6
0.60.8-3.3.1
fixed
suse enterprise desktop 15 SP7
0.60.8-3.3.1
fixed
suse enterprise sap 12 SP3
0.60.6.1-18.11.1
fixed
suse enterprise sap 12 SP4
0.60.6.1-18.11.1
fixed
suse enterprise sap 12 SP5
0.60.6.1-18.11.1
fixed
suse enterprise sap 15 SP2
0.60.8-3.3.1
fixed
suse enterprise sap 15 SP3
0.60.8-3.3.1
fixed
suse enterprise sap 15 SP4
0.60.8-3.3.1
fixed
suse enterprise sap 15 SP5
0.60.8-3.3.1
fixed
suse enterprise sap 15 SP6
0.60.8-3.3.1
fixed
suse enterprise sap 15 SP7
0.60.8-3.3.1
fixed
suse enterprise server 12 SP2
0.60.6.1-18.11.1
fixed
suse enterprise server 12 SP3
0.60.6.1-18.11.1
fixed
suse enterprise server 12 SP4
0.60.6.1-18.11.1
fixed
suse enterprise server 12 SP5
0.60.6.1-18.11.1
fixed
suse enterprise server 15 SP2
0.60.8-3.3.1
fixed
suse enterprise server 15 SP3
0.60.8-3.3.1
fixed
suse enterprise server 15 SP4
0.60.8-3.3.1
fixed
suse enterprise server 15 SP5
0.60.8-3.3.1
fixed
suse enterprise server 15 SP6
0.60.8-3.3.1
fixed
suse enterprise server 15 SP7
0.60.8-3.3.1
fixed
aspell-devel
suse enterprise desktop 15 SP2
0.60.8-3.3.1
fixed
suse enterprise desktop 15 SP3
0.60.8-3.3.1
fixed
suse enterprise desktop 15 SP4
0.60.8-3.3.1
fixed
suse enterprise desktop 15 SP5
0.60.8-3.3.1
fixed
suse enterprise desktop 15 SP6
0.60.8-3.3.1
fixed
suse enterprise desktop 15 SP7
0.60.8-3.3.1
fixed
suse enterprise sap 15 SP2
0.60.8-3.3.1
fixed
suse enterprise sap 15 SP3
0.60.8-3.3.1
fixed
suse enterprise sap 15 SP4
0.60.8-3.3.1
fixed
suse enterprise sap 15 SP5
0.60.8-3.3.1
fixed
suse enterprise sap 15 SP6
0.60.8-3.3.1
fixed
suse enterprise sap 15 SP7
0.60.8-3.3.1
fixed
suse enterprise server 15 SP2
0.60.8-3.3.1
fixed
suse enterprise server 15 SP3
0.60.8-3.3.1
fixed
suse enterprise server 15 SP4
0.60.8-3.3.1
fixed
suse enterprise server 15 SP5
0.60.8-3.3.1
fixed
suse enterprise server 15 SP6
0.60.8-3.3.1
fixed
suse enterprise server 15 SP7
0.60.8-3.3.1
fixed
aspell-ispell
suse enterprise sap 12 SP3
0.60.6.1-18.11.1
fixed
suse enterprise sap 12 SP4
0.60.6.1-18.11.1
fixed
suse enterprise sap 12 SP5
0.60.6.1-18.11.1
fixed
suse enterprise server 12 SP2
0.60.6.1-18.11.1
fixed
suse enterprise server 12 SP3
0.60.6.1-18.11.1
fixed
suse enterprise server 12 SP4
0.60.6.1-18.11.1
fixed
suse enterprise server 12 SP5
0.60.6.1-18.11.1
fixed
libaspell15
suse enterprise desktop 15 SP2
0.60.8-3.3.1
fixed
suse enterprise desktop 15 SP3
0.60.8-3.3.1
fixed
suse enterprise desktop 15 SP4
0.60.8-3.3.1
fixed
suse enterprise desktop 15 SP5
0.60.8-3.3.1
fixed
suse enterprise desktop 15 SP6
0.60.8-3.3.1
fixed
suse enterprise desktop 15 SP7
0.60.8-3.3.1
fixed
suse enterprise sap 12 SP3
0.60.6.1-18.11.1
fixed
suse enterprise sap 12 SP4
0.60.6.1-18.11.1
fixed
suse enterprise sap 12 SP5
0.60.6.1-18.11.1
fixed
suse enterprise sap 15 SP2
0.60.8-3.3.1
fixed
suse enterprise sap 15 SP3
0.60.8-3.3.1
fixed
suse enterprise sap 15 SP4
0.60.8-3.3.1
fixed
suse enterprise sap 15 SP5
0.60.8-3.3.1
fixed
suse enterprise sap 15 SP6
0.60.8-3.3.1
fixed
suse enterprise sap 15 SP7
0.60.8-3.3.1
fixed
suse enterprise server 12 SP2
0.60.6.1-18.11.1
fixed
suse enterprise server 12 SP3
0.60.6.1-18.11.1
fixed
suse enterprise server 12 SP4
0.60.6.1-18.11.1
fixed
suse enterprise server 12 SP5
0.60.6.1-18.11.1
fixed
suse enterprise server 15 SP2
0.60.8-3.3.1
fixed
suse enterprise server 15 SP3
0.60.8-3.3.1
fixed
suse enterprise server 15 SP4
0.60.8-3.3.1
fixed
suse enterprise server 15 SP5
0.60.8-3.3.1
fixed
suse enterprise server 15 SP6
0.60.8-3.3.1
fixed
suse enterprise server 15 SP7
0.60.8-3.3.1
fixed
libaspell15-32bit
suse enterprise sap 12 SP3
0.60.6.1-18.11.1
fixed
suse enterprise sap 12 SP4
0.60.6.1-18.11.1
fixed
suse enterprise sap 12 SP5
0.60.6.1-18.11.1
fixed
suse enterprise server 12 SP2
0.60.6.1-18.11.1
fixed
suse enterprise server 12 SP3
0.60.6.1-18.11.1
fixed
suse enterprise server 12 SP4
0.60.6.1-18.11.1
fixed
suse enterprise server 12 SP5
0.60.6.1-18.11.1
fixed
libpspell15
suse enterprise desktop 15 SP2
0.60.8-3.3.1
fixed
suse enterprise desktop 15 SP3
0.60.8-3.3.1
fixed
suse enterprise desktop 15 SP4
0.60.8-3.3.1
fixed
suse enterprise desktop 15 SP5
0.60.8-3.3.1
fixed
suse enterprise desktop 15 SP6
0.60.8-3.3.1
fixed
suse enterprise desktop 15 SP7
0.60.8-3.3.1
fixed
suse enterprise sap 15 SP2
0.60.8-3.3.1
fixed
suse enterprise sap 15 SP3
0.60.8-3.3.1
fixed
suse enterprise sap 15 SP4
0.60.8-3.3.1
fixed
suse enterprise sap 15 SP5
0.60.8-3.3.1
fixed
suse enterprise sap 15 SP6
0.60.8-3.3.1
fixed
suse enterprise sap 15 SP7
0.60.8-3.3.1
fixed
suse enterprise server 15 SP2
0.60.8-3.3.1
fixed
suse enterprise server 15 SP3
0.60.8-3.3.1
fixed
suse enterprise server 15 SP4
0.60.8-3.3.1
fixed
suse enterprise server 15 SP5
0.60.8-3.3.1
fixed
suse enterprise server 15 SP6
0.60.8-3.3.1
fixed
suse enterprise server 15 SP7
0.60.8-3.3.1
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
aspell
RHEL 8
12:0.60.6.1-22.el8
fixed
aspell-devel
RHEL 8
12:0.60.6.1-22.el8
fixed
Common Weakness Enumeration
References
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18462
https://github.com/gnuaspell/aspell/commit/0718b375425aad8e54e1150313b862e4c6fd324a
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/aspell/OSV-2020-521.yaml
https://lists.debian.org/debian-lts-announce/2021/07/msg00021.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H7E4EI7F6TVN7K6XWU6HSANMCOKKEREE/
https://www.debian.org/security/2021/dsa-4948
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18462
https://github.com/gnuaspell/aspell/commit/0718b375425aad8e54e1150313b862e4c6fd324a
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/aspell/OSV-2020-521.yaml
https://lists.debian.org/debian-lts-announce/2021/07/msg00021.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H7E4EI7F6TVN7K6XWU6HSANMCOKKEREE/
https://www.debian.org/security/2021/dsa-4948