Wind River Support Network

HomeDefectsLIN1022-3918

Fixed

LIN1022-3918 : Security Advisory - libyang - CVE-2023-26917

Created: Apr 11, 2023 Updated: Sep 8, 2023

Resolved Date: Aug 10, 2023

Found In Version: 10.22.33.1

Fix Version: 10.22.33.12

Severity: Standard

Applicable for: Wind River Linux LTS 22

Component/s: Userspace

Description

libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lysp_stmt_validate_value at lys_parse_mem.c.

CREATE(Triage):(User=admin) CVE-2023-26917 (https://nvd.nist.gov/vuln/detail/CVE-2023-26917)

CVEs

CVE-2023-26917