libmodbus.so is vulnerable to a heap-based buffer overflow. The vulnerability exists in the modbus_reply
function in src/modbus.c
because it does not check for null values earlier, which allows an attacker to cause a buffer overflow.
bugzilla.redhat.com/show_bug.cgi?id=2045571
github.com/advisories/GHSA-w46r-g3fx-q46r
github.com/stephane/libmodbus/commit/b4ef4c17d618eba0adccc4c7d9e9a1ef809fc9b6
github.com/stephane/libmodbus/issues/614
github.com/stephane/libmodbus/releases/tag/v3.1.7
lists.debian.org/debian-lts-announce/2022/09/msg00007.html
www.libmodbus.org/download/