{"id":"UBUNTU-CVE-2017-6318","details":"saned in sane-backends 1.0.25 allows remote attackers to obtain sensitive memory information via a crafted SANE_NET_CONTROL_OPTION packet.","modified":"2026-04-22T12:26:41.533606Z","published":"2017-03-20T16:59:00Z","related":["USN-4470-1"],"upstream":["CVE-2017-6318"],"references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2017-6318"},{"type":"REPORT","url":"http://lists.alioth.debian.org/pipermail/sane-devel/2017-February/035029.html"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-4470-1"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2017-6318"}],"affected":[{"package":{"name":"sane-backends","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/sane-backends@1.0.25+git20150528-1ubuntu2.16.04.3?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0.25+git20150528-1ubuntu2.16.04.3"}]}],"versions":["1.0.25+git20150528-1ubuntu2","1.0.25+git20150528-1ubuntu2.16.04.1"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"libsane","binary_version":"1.0.25+git20150528-1ubuntu2.16.04.3"},{"binary_name":"libsane-common","binary_version":"1.0.25+git20150528-1ubuntu2.16.04.3"},{"binary_name":"sane-utils","binary_version":"1.0.25+git20150528-1ubuntu2.16.04.3"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2017/UBUNTU-CVE-2017-6318.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"type":"Ubuntu","score":"low"}]}