Unrated severityNVD Advisory· Published Sep 4, 2018· Updated Aug 5, 2024

CVE-2018-16428

Description

In GNOME GLib 2.56.1, g_markup_parse_context_end_parse() in gmarkup.c has a NULL pointer dereference.

Affected products

osv-coords19 versions
pkg:rpm/suse/glib2&distro=SUSE%20Enterprise%20Storage%204 pkg:rpm/suse/glib2&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3 pkg:rpm/suse/glib2&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP4 pkg:rpm/suse/glib2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015 pkg:rpm/suse/glib2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015 pkg:rpm/suse/glib2&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS pkg:rpm/suse/glib2&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCL pkg:rpm/suse/glib2&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSS pkg:rpm/suse/glib2&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3 pkg:rpm/suse/glib2&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4 pkg:rpm/suse/glib2&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS pkg:rpm/suse/glib2&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2 pkg:rpm/suse/glib2&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3 pkg:rpm/suse/glib2&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4 pkg:rpm/suse/glib2&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3 pkg:rpm/suse/glib2&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP4 pkg:rpm/suse/glib2&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP3 pkg:rpm/suse/glib2&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP4 pkg:rpm/suse/glib2&distro=SUSE%20OpenStack%20Cloud%207
< 2.48.2-12.12.2+ 18 more
- (no CPE)range: < 2.48.2-12.12.2
- (no CPE)range: < 2.48.2-12.12.2
- (no CPE)range: < 2.48.2-12.12.2
- (no CPE)range: < 2.54.3-4.7.1
- (no CPE)range: < 2.54.3-4.7.1
- (no CPE)range: < 2.38.2-7.9.2
- (no CPE)range: < 2.48.2-12.12.2
- (no CPE)range: < 2.48.2-12.12.2
- (no CPE)range: < 2.48.2-12.12.2
- (no CPE)range: < 2.48.2-12.12.2
- (no CPE)range: < 2.38.2-7.9.2
- (no CPE)range: < 2.48.2-12.12.2
- (no CPE)range: < 2.48.2-12.12.2
- (no CPE)range: < 2.48.2-12.12.2
- (no CPE)range: < 2.48.2-12.12.2
- (no CPE)range: < 2.48.2-12.12.2
- (no CPE)range: < 2.48.2-12.12.2
- (no CPE)range: < 2.48.2-12.12.2
- (no CPE)range: < 2.48.2-12.12.2

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

usn.ubuntu.com/3767-1/mitrevendor-advisoryx_refsource_UBUNTU
usn.ubuntu.com/3767-2/mitrevendor-advisoryx_refsource_UBUNTU
www.openwall.com/lists/oss-security/2020/02/14/3mitremailing-listx_refsource_MLIST
www.securityfocus.com/bid/105210mitrevdb-entryx_refsource_BID
gitlab.gnome.org/GNOME/glib/commit/fccef3cc822af74699cca84cd202719ae61ca3b9mitrex_refsource_MISC
gitlab.gnome.org/GNOME/glib/issues/1364mitrex_refsource_MISC
lists.debian.org/debian-lts-announce/2019/07/msg00029.htmlmitremailing-listx_refsource_MLIST

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000