Vulnerabilities > CVE-2021-30498 - Out-of-bounds Write vulnerability in multiple products

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

libcaca-project

fedoraproject

CWE-787

NVD

Published: 2021-05-26

Updated: 2024-04-07

Summary

A flaw was found in libcaca. A heap buffer overflow in export.c in function export_tga might lead to memory corruption and other potential consequences.

Vulnerable Configurations

Part	Description	Count
Application	Libcaca_Project Libcaca Project Libcaca 0.99	6
OS	Fedoraproject Fedoraproject Fedora 34 Fedoraproject Fedora 35 Fedoraproject Fedora 36	3

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://bugzilla.redhat.com/show_bug.cgi?id=1948675
https://github.com/cacalabs/libcaca/issues/53
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WFGYICNTMNDNMDDUV4G2RYFB5HNJCOV/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PC7EGOEQ5C4OD66ZUJJIIYEXBTZOCMZX/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZSBCRN6EGQJUVOSD4OEEQ6XORHEM2CUL/
https://lists.debian.org/debian-lts-announce/2024/04/msg00004.html