CVE-2023-24056
22.01.2023, 04:15
In pkgconf through 1.9.3, variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconf_tuple_parse. For example, a .pc file containing a few hundred bytes can expand to one billion bytes.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| pkgconf | pkgconf | 𝑥 ≤ 1.9.3 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Amazon Linux Releases
Amazon Package | |||
|---|---|---|---|
| libpkgconf |
| ||
| libpkgconf-debuginfo |
| ||
| libpkgconf-devel |
| ||
| pkgconf |
| ||
| pkgconf-debuginfo |
| ||
| pkgconf-debugsource |
| ||
| pkgconf-m4 |
| ||
| pkgconf-pkg-config |
|
Common Weakness Enumeration
References