Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2017-18199

Published: 24 February 2018

realloc_symlink in rock.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (NULL Pointer Dereference) via a crafted iso file.

Notes

AuthorNote
ccdm94 
there is no explicit information mentioning what is the
patch for this CVE, but it looks like it might have been
fixed together with other issues in commit b9ab2a9d36a,
according to the comment in the NEWS file. This is the commit
that patches CVE-2017-18198. No other changes made to the
to the code seem to be related to this vulnerability other
than e73a8bb23a4, which looks like an initial version of
something improved by commit b9ab2a9d36a. Commit e73a8bb23a4
fixes issue 52091 which is very similar to the issue that is
CVE-2017-18198. CVE-2017-18199 involves code that is closely
related to the code that is affected by CVE-2017-18198, and
further research indicates that the POC for this latter CVE
no longer causes a crash when commit e73a8bb23a4 is applied,
so it is adequate to assume that it fixes CVE-2017-18199 and
that commit b9ab2a9d36a, the improved version of e73a8bb23a4,
does so as well.

Priority

Low

Cvss 3 Severity Score

6.5

Score breakdown

Status

Package Release Status
libcdio
Launchpad, Ubuntu, Debian 		artful Ignored
(end of life)
bionic Not vulnerable
(1.0.0-2)
cosmic Not vulnerable
(1.0.0-2)
disco Not vulnerable
(1.0.0-2)
eoan Not vulnerable
(1.0.0-2)
focal Not vulnerable
(1.0.0-2)
groovy Not vulnerable
(1.0.0-2)
hirsute Not vulnerable
(1.0.0-2)
impish Not vulnerable
(1.0.0-2)
jammy Not vulnerable
(1.0.0-2)
kinetic Not vulnerable
(1.0.0-2)
trusty
Released (0.83-4.1ubuntu1+esm1)
Available with Ubuntu Pro or Ubuntu Pro (Infra-only)
upstream
Released (1.0.0, 1.0.0-1)
xenial
Released (0.83-4.2ubuntu1+esm1)
Available with Ubuntu Pro or Ubuntu Pro (Infra-only)
Patches:
upstream: https://git.savannah.gnu.org/cgit/libcdio.git/commit/?id=e73a8bb23a4405b32cc7708771833f6c4e6b2426
upstream: https://git.savannah.gnu.org/cgit/libcdio.git/commit/?id=b9ab2a9d36a216ba1b3a6b4ee465c3ee2b806ec6

Severity score breakdown

Parameter Value
Base score 6.5
Attack vector Network
Attack complexity Low
Privileges required None
User interaction Required
Scope Unchanged
Confidentiality None
Integrity impact None
Availability impact High
Vector CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading