Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2017-10792

There is a NULL Pointer Dereference in the function ll_insert() of the libpspp library in GNU PSPP before 0.11.0. For example, a crash was observed within the library code when attempting to convert invalid SPSS data into CSV format. A crafted input will lead to a remote denial of service attack.

Related bugs and status

CVE-2017-10792 (Candidate) is related to these bugs:

Bug #1714497: FreezeException: Include GNU PSPP 1.0.1 in artful

Summary				In	Importance	Status
	1714497	FreezeException: Include GNU PSPP 1.0.1 in artful		pspp (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: https://bugzilla.redha...
BID: 99385
MLIST: [pspp-announce] 201708...