CVE-2024-2410
Published: 3 May 2024
The JsonToBinaryStream() function is part of the protocol buffers C++ implementation and is used to parse JSON from a stream. If the input is broken up into separate chunks in a certain way, the parser will attempt to read bytes from a chunk that has already been freed.
Notes
Author | Note |
---|---|
rodrigo-zaiden | bug introduced in 4.22.0 |
Priority
Status
Package | Release | Status |
---|---|---|
protobuf Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(code not present)
|
focal |
Not vulnerable
(code not present)
|
|
jammy |
Not vulnerable
(code not present)
|
|
mantic |
Not vulnerable
(code not present)
|
|
noble |
Not vulnerable
(code not present)
|
|
trusty |
Not vulnerable
(code not present)
|
|
upstream |
Released
(4.25.0)
|
|
xenial |
Not vulnerable
(code not present)
|
|
Patches: upstream: https://github.com/protocolbuffers/protobuf/commit/b955165ebdcc5a8ba9c267230d6305f4e3d9c118 |