nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a comparison for a symbol name from the string table (strtab). CREATE(Triage):(User=admin) CVE-2019-20367 (https://nvd.nist.gov/vuln/detail/CVE-2019-20367)