VDB

GCVE-VVD-MAGEIA-2023-77

GCVE-VVD-MAGEIA-2023-77
Advisory Published
Vulnetix · Advisory published September 30, 2023
In pkgconf through 1.9.3, variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconf_tuple_parse. For example, a .pc file containing a few hundred bytes can expand to one billion bytes. (CVE-2023-24056)
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageiafsarchiver0 (affected), 0.8.7-1.mga9 (unaffected)
Mageiaqt-fsarchiver0 (affected), 0.8.6.7-4.1.mga9 (unaffected)
Mageiaqt-fsarchiver-terminal0 (affected), 0.8.6.7-1.1.mga9 (unaffected)
Mageiapkgconf0 (affected), 1.7.3-2.1.mga8 (unaffected), 0 (affected), 1.7.3-2.1.mga8 (unaffected)

References

Updated pkgconf packages fix security vulnerability
advisory
Updated pkgconf packages fix security vulnerability
issue
Updated pkgconf packages fix security vulnerability
issue
Updated fsarchiver packages add EXT4 orphan_file feature
advisory
Updated fsarchiver packages add EXT4 orphan_file feature
issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›