json-c: integer overflow and out-of-bounds write (CVE-2020-12762)
json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.
References:
- https://nvd.nist.gov/vuln/detail/CVE-2020-12762
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-12762
Patches:
Affected branches:
- master
- 3.11-stable
- 3.10-stable
- 3.9-stable