CVE-2019-3817

A use-after-free flaw has been discovered in libcomps before version 0.1.10 in the way ObjMRTrees are merged. An attacker who is able to make an application read a crafted comps XML file may be able to crash the application or execute malicious code.
CVSS 3.x Base Score

| Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector |
|---|---|---|---|---|---|---|
| NIST | Primary | 7.5 HIGH | NETWORK | HIGH | NONE | CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |

EPSS Score: Percentile 66%
Affected Products (NVD)

| Vendor | Product | Version |
|---|---|---|
| rpm | libcomps | x < 0.1.10 |

x = Vulnerable software versions
Red Hat Enterprise Linux Releases

| Red Hat Product | Release | Version | Status |
|---|---|---|---|
| createrepo | RHEL 8 | 0:0.11.0-3.el8 | fixed |
| dnf | RHEL 8 | 0:4.2.7-6.el8 | fixed |
| dnf-automatic | RHEL 8 | 0:4.2.7-6.el8 | fixed |
| dnf-data | RHEL 8 | 0:4.2.7-6.el8 | fixed |
| dnf-plugins-core | RHEL 8 | 0:4.0.8-3.el8 | fixed |
| libcomps | RHEL 8 | 0:0.1.11-2.el8 | fixed |
| libcomps-devel | RHEL 8 | 0:0.1.11-2.el8 | fixed |
| libdnf | RHEL 8 | 0:0.35.1-8.el8 | fixed |
| librepo | RHEL 8 | 0:1.10.3-3.el8 | fixed |
| librhsm | RHEL 8 | 0:0.0.3-3.el8 | fixed |
| libsolv | RHEL 8 | 0:0.7.4-3.el8 | fixed |
| microdnf | RHEL 8 | 0:3.0.1-3.el8 | fixed |
| python3-createrepo | RHEL 8 | 0:0.11.0-3.el8 | fixed |
| python3-dnf | RHEL 8 | 0:4.2.7-6.el8 | fixed |
| python3-dnf-plugin-versionlock | RHEL 8 | 0:4.0.8-3.el8 | fixed |
| python3-dnf-plugins-core | RHEL 8 | 0:4.0.8-3.el8 | fixed |
| python3-hawkey | RHEL 8 | 0:0.35.1-8.el8 | fixed |
| python3-libcomps | RHEL 8 | 0:0.1.11-2.el8 | fixed |
| python3-libdnf | RHEL 8 | 0:0.35.1-8.el8 | fixed |
| python3-librepo | RHEL 8 | 0:1.10.3-3.el8 | fixed |
| yum | RHEL 8 | 0:4.2.7-6.el8 | fixed |
| yum-utils | RHEL 8 | 0:4.0.8-3.el8 | fixed |