ubuntu · CVE-2017-10792

Quick triage

Priority: medium Published: 2017-07-02 03:29:00 UTC Updated: 2025-08-26 11:57:01 UTC

View at Official ubuntu advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2017-10792 medium priority: Ubuntu including 1 source packages (pspp), 22 status rows across 22 suites (artful, bionic, cosmic, disco, eoan, focal, groovy, hirsute, impish, jammy, kinetic, lunar, mantic, noble, oracular, plucky, questing, trusty, upstream, xenial, yakkety, zesty): not-affected 15, DNE 3, ignored 2, needed 1, released 1.

Description:

There is a NULL Pointer Dereference in the function ll_insert() of the libpspp library in GNU PSPP before 0.11.0. For example, a crash was observed within the library code when attempting to convert invalid SPSS data into CSV format. A crafted input will lead to a remote denial of service attack.

cvelogic Threat Intelligence