CVE-2019-25050

Published: Jul 20, 2021

Modified: Aug 5, 2024

PUBLISHED

Description

netCDF in GDAL 2.4.2 through 3.0.4 has a stack-based buffer overflow in nc4_get_att (called from nc4_get_att_tc and nc_get_att_text) and in uffd_cleanup (called from netCDFDataset::~netCDFDataset and netCDFDataset::~netCDFDataset).

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/gdal/OSV-2020-392.yaml

x_refsource_MISC

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/gdal/OSV-2020-420.yaml

x_refsource_MISC

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15143

x_refsource_MISC

https://github.com/OSGeo/gdal/commit/767e3a56144f676ca738ef8f700e0e56035bd05a

x_refsource_MISC

https://github.com/OSGeo/gdal/commit/27b9bf644bcf1208f7d6594bdd104cc8a8bb0646

x_refsource_MISC

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15156

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2019-25050

Description

Affected Products

References