First published: Tue Aug 08 2023
log_blackbox.c in libqb before 2.0.8 allows a buffer overflow via long log messages because the header size is not considered.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
ubuntu/libqb | <2.0.4-1ubuntu0.2 | 2.0.4-1ubuntu0.2 |
ubuntu/libqb | <2.0.6-2ubuntu0.1 | 2.0.6-2ubuntu0.1 |
Clusterlabs Libqb | <2.0.8 | |
<2.0.8 | ||
redhat/libqb | <2.0.8 | 2.0.8 |
debian/libqb | <=2.0.3-1, <=2.0.6-2 | 1.0.5-1, 2.0.8-1 |
CVE-2023-39976 is a vulnerability in libqb before 2.0.8 that allows a buffer overflow via long log messages.
CVE-2023-39976 has a severity score of 9.8 (Critical).
CVE-2023-39976 affects Clusterlabs Libqb versions up to and excluding 2.0.8.
CVE-2023-39976 affects Ubuntu libqb versions before 2.0.4-1ubuntu0.2 and before 2.0.6-2ubuntu0.1.
To fix CVE-2023-39976, update libqb to version 2.0.8 or later.
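
A simplified model of the flaw class named in the description (a length limit that ignores the record header), added here as an example. It is not libqb's code: the record layout, `CHUNK_SIZE` and every function name are assumptions made for illustration, and the program reports the overrun size instead of performing the out-of-bounds write.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define CHUNK_SIZE 64 /* constructed size for the demo */
/* Hypothetical record header stored ahead of the message text. */
struct rec_hdr { uint32_t line; uint8_t priority; uint8_t fn_len; };

/* Bytes used before the message: fixed header plus NUL-terminated name. */
static size_t header_size(const char *fn)
{
    return sizeof(struct rec_hdr) + strlen(fn) + 1;
}

/* Flawed limit: the message alone is allowed to fill the whole chunk. */
static size_t msg_limit_flawed(const char *fn) { (void)fn; return CHUNK_SIZE; }

/* Corrected limit: the header bytes are subtracted first. */
static size_t msg_limit_fixed(const char *fn)
{
    size_t h = header_size(fn);
    return h < CHUNK_SIZE ? CHUNK_SIZE - h : 0;
}

/* Packs header + message (truncated to limit, NUL included). Returns how many
 * bytes the record would run past the chunk; 0 means it fit and was copied. */
static size_t pack_record(uint8_t *chunk, const char *fn, uint32_t line,
                          const char *msg, size_t limit)
{
    size_t h = header_size(fn), m = strlen(msg) + 1;
    if (m > limit) m = limit;
    if (m == 0) m = 1;                 /* the terminator is always needed */
    if (h + m > CHUNK_SIZE) return h + m - CHUNK_SIZE;
    struct rec_hdr hdr = { line, 3, (uint8_t)strlen(fn) };
    memcpy(chunk, &hdr, sizeof hdr);
    memcpy(chunk + sizeof hdr, fn, strlen(fn) + 1);
    memcpy(chunk + h, msg, m - 1);
    chunk[h + m - 1] = '\0';
    return 0;
}

int main(void)
{
    uint8_t chunk[CHUNK_SIZE];
    char msg[200];                     /* constructed over-long log message */
    memset(msg, 'A', sizeof msg - 1);
    msg[sizeof msg - 1] = '\0';
    size_t bad = pack_record(chunk, "do_log", 42, msg, msg_limit_flawed("do_log"));
    size_t ok = pack_record(chunk, "do_log", 42, msg, msg_limit_fixed("do_log"));
    printf("flawed limit: %zu bytes over; fixed limit: %zu bytes over\n", bad, ok);
    return 0;
}
```

With the flawed limit the overrun equals the header size exactly, which is why only long messages reach it.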