Wind River Support Network

HomeDefectsLIN1018-6130

Fixed

LIN1018-6130 : Security Advisory - json-c - CVE-2020-12762

Created: May 10, 2020 Updated: May 29, 2020

Resolved Date: May 21, 2020

Found In Version: 10.18.44.1

Fix Version: 10.18.44.17

Severity: Standard

Applicable for: Wind River Linux LTS 18

Component/s: Userspace

Description

json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.

CREATE(Triage):(User=admin) [CVE-2020-12762|https://nvd.nist.gov/vuln/detail/CVE-2020-12762]

CVEs

CVE-2020-12762