DescriptionA double-free condition exists in contrib/shpsort.c of shapelib 1.5.0 and older releases. This issue may allow an attacker to cause a denial of service or have other unspecified impact via control over malloc.
Overall state of this security issue: Resolved
This issue is currently rated as having critical severity.
|National Vulnerability Database|
SUSE Security Advisories:
- openSUSE-SU-2022:0068-1, published Thu Mar 3 04:41:06 2022
List of released packages
|Product(s)||Fixed package version(s)||References|
|SUSE Package Hub 15 SP3|| ||Patchnames: |
|openSUSE Leap 15.3|| ||Patchnames: |
|openSUSE Leap 15.4|| ||Patchnames: |
openSUSE Leap 15.4 GA libshp2-1.5.0-bp154.2.50
|openSUSE Tumbleweed|| ||Patchnames: |
openSUSE Tumbleweed GA libshp-devel-1.5.0-2.1
SUSE Timeline for this CVECVE page created: Mon Feb 21 11:00:16 2022
CVE page last modified: Wed Oct 26 23:33:42 2022