Main Vulnerability Database SB2019031928

SB2019031928 - Fedora 29 update for chicken

Published: March 19, 2019 Updated: April 24, 2025

Security Bulletin ID SB2019031928

Severity

Medium

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Input validation error (CVE-ID: CVE-2017-9334)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

An incorrect "pair?" check in the Scheme "length" procedure results in an unsafe pointer dereference in all CHICKEN Scheme versions prior to 4.13, which allows an attacker to cause a denial of service by passing an improper list to an application that calls "length" on it.

Remediation

Install update from vendor's website.

References

https://bodhi.fedoraproject.org/updates/FEDORA-2019-7528388823