简介

An update for unixODBC is now available for openEuler-24.03-LTS

严重级别

High

主题

An update for unixODBC is now available for openEuler-24.03-LTS. openEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.

描述

The unixODBC Project goals are to develop and promote unixODBC to be the definitive standard for ODBC on non MS Windows platforms. This is to include GUI support for both KDE and GNOME. Security Fix(es): An out-of-bounds stack write flaw was found in unixODBC on 64-bit architectures where the caller has 4 bytes and callee writes 8 bytes. This issue may go unnoticed on little-endian architectures, while big-endian architectures can be broken.(CVE-2024-1013)

影响组件

unixODBC

CVE

CVE-2024-1013

参考链接

https://nvd.nist.gov/vuln/detail/CVE-2024-1013

后续改善计划

宝德计算机会持续跟进该漏洞的最新动态，请关注宝德计算机官网、官微公告有任何关于此漏洞修复的问题，可以通过以下方式联系我们:

宝德计算机售后咨询热线:4008-870-872

宝德PSIRT邮箱:psirt@powerleadercom.cn