CVE-2017-18199
Published: 24 February 2018
realloc_symlink in rock.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (NULL Pointer Dereference) via a crafted iso file.
Notes
| Author | Note |
|---|---|
| ccdm94 | there is no explicit information mentioning what is the patch for this CVE, but it looks like it might have been fixed together with other issues in commit b9ab2a9d36a, according to the comment in the NEWS file. This is the commit that patches CVE-2017-18198. No other changes made to the to the code seem to be related to this vulnerability other than e73a8bb23a4, which looks like an initial version of something improved by commit b9ab2a9d36a. Commit e73a8bb23a4 fixes issue 52091 which is very similar to the issue that is CVE-2017-18198. CVE-2017-18199 involves code that is closely related to the code that is affected by CVE-2017-18198, and further research indicates that the POC for this latter CVE no longer causes a crash when commit e73a8bb23a4 is applied, so it is adequate to assume that it fixes CVE-2017-18199 and that commit b9ab2a9d36a, the improved version of e73a8bb23a4, does so as well. |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
libcdio Launchpad, Ubuntu, Debian |
groovy |
Not vulnerable
(1.0.0-2)
|
| hirsute |
Not vulnerable
(1.0.0-2)
|
|
| artful |
Ignored
(end of life)
|
|
| bionic |
Not vulnerable
(1.0.0-2)
|
|
| cosmic |
Not vulnerable
(1.0.0-2)
|
|
| disco |
Not vulnerable
(1.0.0-2)
|
|
| eoan |
Not vulnerable
(1.0.0-2)
|
|
| focal |
Not vulnerable
(1.0.0-2)
|
|
| impish |
Not vulnerable
(1.0.0-2)
|
|
| jammy |
Not vulnerable
(1.0.0-2)
|
|
| kinetic |
Not vulnerable
(1.0.0-2)
|
|
| trusty |
Released
(0.83-4.1ubuntu1+esm1)
Available with Ubuntu Pro or Ubuntu Pro (Infra-only) |
|
| xenial |
Released
(0.83-4.2ubuntu1+esm1)
Available with Ubuntu Pro or Ubuntu Pro (Infra-only) |
|
| upstream |
Released
(1.0.0, 1.0.0-1)
|
|
|
Patches: upstream: https://git.savannah.gnu.org/cgit/libcdio.git/commit/?id=e73a8bb23a4405b32cc7708771833f6c4e6b2426 upstream: https://git.savannah.gnu.org/cgit/libcdio.git/commit/?id=b9ab2a9d36a216ba1b3a6b4ee465c3ee2b806ec6 |
||
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 6.5 |
| Attack vector | Network |
| Attack complexity | Low |
| Privileges required | None |
| User interaction | Required |
| Scope | Unchanged |
| Confidentiality | None |
| Integrity impact | None |
| Availability impact | High |
| Vector | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |