VDB
GSD-2023-22652
GSD-2023-22652
PUBLISHED
CVSS 3.299999952316284 LOW
A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in openSUSE libeconf leads to DoS via malformed config files. This issue affects libeconf: before 0.5.2.
Risk Scores
CVSS 3.1
3.299999952316284
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| openSUSE | libeconf | ? |
Exploit Intelligence
- CVE-2011-1473 POC script (github-poc)
- A bash script that attempts to flood a server with TLS renegotiations by using the openssl client. See CVE-2011-1473 and CVE-2011-1473 for details. (github-poc)
- zjt674449039/cve-2011-1473 (github-poc)
- A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool (heap) memory location beyond the header value sent. This could cause the process to crash. This issue affects Apache HTTP Server 2.4.54 and earlier. CVE project by @Sn0wAlice (github-poc)
- https://github.com/openSUSE/libeconf/issues/177 (circl)
- https://lists.debian.org/debian-lts-announce/2025/05/msg00016.html (circl)
- https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-22652 (circl)
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YAYW7X753Z6GOJKVLQPXBDHISN6ZT233/ (circl)
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDD5GL5T3V5XZ3VFA4HPE6YGJ2K4HHPC/ (circl)
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SMG5256D5I3GFA3RBAJQ2WYPJDYAIL74/ (circl)
…and 5 more exploits
Timeline
- Oct 6, 2021 PoC Published
- Oct 5, 2023 PoC Published
- May 9, 2024 PoC Published
- Apr 28, 2025 PoC Published
- Apr 22, 2026 CVE Published
References
- https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-22652 url
- https://https://github.com/openSUSE/libeconf/issues/177 url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SMG5256D5I3GFA3RBAJQ2WYPJDYAIL74/ url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SDD5GL5T3V5XZ3VFA4HPE6YGJ2K4HHPC/ url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YAYW7X753Z6GOJKVLQPXBDHISN6ZT233/ url
- https://lists.debian.org/debian-lts-announce/2025/05/msg00016.html url
- https://github.com/openSUSE/libeconf/issues/177 exploit