Missing input validation in the ar/tar implementations of APT before version 2.1.2 could result in denial of service when processing specially crafted deb files.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
21 Nov 2024, 05:31
Type | Values Removed | Values Added |
---|---|---|
References | () https://bugs.launchpad.net/bugs/1878177 - Issue Tracking, Third Party Advisory | |
References | () https://github.com/Debian/apt/issues/111 - Exploit, Third Party Advisory | |
References | () https://lists.debian.org/debian-security-announce/2020/msg00089.html - Mailing List, Vendor Advisory | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U4PEH357MZM2SUGKETMEHMSGQS652QHH/ - | |
References | () https://salsa.debian.org/apt-team/apt/-/commit/dceb1e49e4b8e4dadaf056be34088b415939cda6 - Patch, Vendor Advisory | |
References | () https://tracker.debian.org/news/1144109/accepted-apt-212-source-into-unstable/ - Release Notes, Vendor Advisory | |
References | () https://usn.ubuntu.com/4359-1/ - Third Party Advisory | |
References | () https://usn.ubuntu.com/4359-2/ - Third Party Advisory |
07 Nov 2023, 03:23
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2020-05-15 14:15
Updated : 2024-11-21 05:31
NVD link : CVE-2020-3810
Mitre link : CVE-2020-3810
CVE.ORG link : CVE-2020-3810
JSON object : View
Products Affected
debian
- debian_linux
- apt
fedoraproject
- fedora
canonical
- ubuntu_linux