diff --git a/advisories/published/2025/JLSEC-0000-mns69g5iw-15ipc3w.md b/advisories/published/2025/JLSEC-0000-mns69g5iw-15ipc3w.md new file mode 100644 index 0000000..d708fd4 --- /dev/null +++ b/advisories/published/2025/JLSEC-0000-mns69g5iw-15ipc3w.md @@ -0,0 +1,24 @@ +```toml +schema_version = "1.7.3" +id = "JLSEC-0000-mns69g5iw-15ipc3w" +modified = 2025-10-19T19:45:10.904Z +upstream = ["CVE-2018-18751"] +references = ["http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00061.html", "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00065.html", "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00025.html", "https://access.redhat.com/errata/RHSA-2019:3643", "https://github.com/CCCCCrash/POCs/tree/master/Bin/Tools-gettext-0.19.8.1/doublefree", "https://github.com/CCCCCrash/POCs/tree/master/Bin/Tools-gettext-0.19.8.1/heapcorruption", "https://usn.ubuntu.com/3815-1/", "https://usn.ubuntu.com/3815-2/", "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00061.html", "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00065.html", "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00025.html", "https://access.redhat.com/errata/RHSA-2019:3643", "https://github.com/CCCCCrash/POCs/tree/master/Bin/Tools-gettext-0.19.8.1/doublefree", "https://github.com/CCCCCrash/POCs/tree/master/Bin/Tools-gettext-0.19.8.1/heapcorruption", "https://usn.ubuntu.com/3815-1/", "https://usn.ubuntu.com/3815-2/"] + +[[affected]] +pkg = "Gettext_jll" +ranges = ["< 0.20.1+1"] + +[[jlsec_sources]] +id = "CVE-2018-18751" +imported = 2025-10-19T19:45:10.904Z +modified = 2024-11-21T03:56:31.223Z +published = 2018-10-29T12:29:09.617Z +url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2018-18751" +html_url = "https://nvd.nist.gov/vuln/detail/CVE-2018-18751" +``` + +# An issue was discovered in GNU gettext 0.19.8 + +An issue was discovered in GNU gettext 0.19.8. There is a double free in default_add_message in read-catalog.c, related to an invalid free in po_gram_parse in po-gram-gen.y, as demonstrated by lt-msgfmt. +