Wind River Support Network

HomeDefectsLIN1022-3835

Fixed

LIN1022-3835 : Security Advisory - libyang - CVE-2023-26916

Created: Apr 3, 2023 Updated: Aug 3, 2023

Resolved Date: Jul 16, 2023

Found In Version: 10.22.33.1

Fix Version: 10.22.33.11

Severity: Standard

Applicable for: Wind River Linux LTS 22

Component/s: Userspace

Description

libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lys_parse_mem at lys_parse_mem.c.

CREATE(Triage):(User=admin) CVE-2023-26916 (https://nvd.nist.gov/vuln/detail/CVE-2023-26916)

CVEs

CVE-2023-26916