nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a comparison for a symbol name from the string table (strtab). CREATE(Triage):(User=admin) [CVE-2019-20367|https://nvd.nist.gov/vuln/detail/CVE-2019-20367]