Medium severity5.5OSV Advisory· Published Mar 18, 2018· Updated Jun 17, 2026
CVE-2018-8754
CVE-2018-8754
Description
The libevt_record_values_read_event() function in libevt_record_values.c in libevt before 2018-03-17 does not properly check for out-of-bounds values of user SID data size, strings size, or data size. NOTE: the vendor has disputed this as described in libyal/libevt issue 5 on GitHub
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
2- github.com/libyal/libevt/commit/9d2cc3ca0a1612a6b271abcacffc2e3eea42925envdPatchVendor Advisory
- www.debian.org/security/2018/dsa-4160nvdThird Party Advisory
News mentions
0No linked articles in our index yet.