CVE-2018-25153

Name: CVE-2018-25153
Description: GNU Barcode 0.99 contains a memory leak vulnerability in the command line processing function within cmdline.c. Attackers can exploit this vulnerability by providing specially crafted input that causes unfreed memory allocations, potentially leading to denial of service conditions.
Source: CVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package    Release               Version    Status
barcode (PTS)     bullseye              0.99-4     vulnerable
                  bookworm              0.99-6     vulnerable
                  forky, sid, trixie    0.99-9     vulnerable

The information below is based on the following data on fixed versions.

Package    Type      Release       Fixed Version    Urgency        Origin    Debian Bugs
barcode    source    (unstable)    (unfixed)        unimportant

Notes

https://lists.gnu.org/archive/html/bug-barcode/2018-05/msg00002.html
https://www.exploit-db.com/exploits/44798
Negligible security impact
