Unrated severityNVD Advisory· Published May 18, 2021· Updated Aug 4, 2024
CVE-2020-23856
CVE-2020-23856
Description
Use-after-Free vulnerability in cflow 1.6 in the void call(char *name, int line) function at src/parser.c, which could cause a denial of service via the pointer variable caller->callee.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cflow/cflowdescription
Patches
Vulnerability mechanics
References
4- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BLSXGFK2NYPCJMPHSHE3W56ZU3ZO6RD7/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FZTTKZX274BVFZX7TMPEZG6UWL6UPMQF/mitrevendor-advisoryx_refsource_FEDORA
- github.com/yangjiageng/PoC/blob/master/PoC_cflow_uaf_parser_line1284mitrex_refsource_MISC
- lists.gnu.org/archive/html/bug-cflow/2020-07/msg00000.htmlmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.