CVE-2023-30079
Publication date 22 August 2023
Last updated 4 August 2025
Ubuntu priority
Description
Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-22652. Reason: This record is a duplicate of CVE-2023-22652. Notes: All CVE users should reference CVE-2023-22652 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| libeconf | ||
| 22.04 LTS jammy |
Not affected
|
|
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Ignored end of standard support | |
| 16.04 LTS xenial | Ignored end of standard support | |
| 14.04 LTS trusty | Ignored end of standard support |
Severity score breakdown
CVSS version: CVSS v3.0
Base score
8.8 · High
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References
Other references
- https://github.com/openSUSE/libeconf/issues/177
- https://github.com/openSUSE/libeconf/commit/8d086dfc69d4299e55e4844e3573b3a4cf420f19 (v0.5.2)
- https://raw.githubusercontent.com/yangjiageng/PoC/master/libeconf-PoC/tst-logindefs1.c
- https://github.com/yangjiageng/PoC/blob/master/libeconf-PoC/read_file_503
- https://www.cve.org/CVERecord?id=CVE-2023-30079