CVE-2020-35357

NameCVE-2020-35357
DescriptionA buffer overflow can occur when calculating the quantile value using the Statistics Library of GSL (GNU Scientific Library), versions 2.5 and 2.6. Processing a maliciously crafted input data for gsl_stats_quantile_from_sorted_data of the library may lead to unexpected application termination or arbitrary code execution.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDLA-3576-1, ELA-952-1
Debian Bugs1052655

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
gsl (PTS)jessie, jessie (lts)1.16+dfsg-2+deb8u1fixed
stretch (lts), stretch2.3+dfsg-1+deb9u1fixed
buster (security), buster, buster (lts)2.5+dfsg-6+deb10u1fixed
bullseye2.6+dfsg-2vulnerable
bookworm2.7.1+dfsg-5vulnerable
sid, trixie2.8+dfsg-4fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
gslsourcejessie1.16+dfsg-2+deb8u1ELA-952-1
gslsourcestretch2.3+dfsg-1+deb9u1ELA-952-1
gslsourcebuster2.5+dfsg-6+deb10u1DLA-3576-1
gslsource(unstable)2.7.1+dfsg-61052655

Notes

[bookworm] - gsl <no-dsa> (Minor issue)
[bullseye] - gsl <no-dsa> (Minor issue)
https://savannah.gnu.org/bugs/?59624
https://git.savannah.gnu.org/cgit/gsl.git/commit/?id=989a193268b963aa1047814f7f1402084fb7d859
Search for package or bug name: Reporting problems