cve/2019/CVE-2019-16224.md

CVE-2019-16224

Description

An issue was discovered in py-lmdb 0.97. For certain values of md_flags, mdb_node_add does not properly set up a memcpy destination, leading to an invalid write operation. NOTE: this outcome occurs when accessing a data.mdb file supplied by an attacker.

POC

Reference

• https://github.com/TeamSeri0us/pocs/tree/master/lmdb/lmdb%20initialization%20vuln

Github

No PoCs found on GitHub currently.