PT-2019-14256 · None+2 · Libmirage+2

Andrea Fioraldi

Publicado

2019-08-25

Atualizado

2020-11-02

CVE-2019-15540

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions libMirage version 3.2.2

Description The issue is related to a heap-based buffer overflow in the CSO filter of libMirage, which can be triggered by a local Linux user due to the lack of validation of the part size. This can potentially lead to root access.

Recommendations For libMirage version 3.2.2, consider updating to a newer version that addresses this issue, as the current version does not validate the part size, leading to a potential heap-based buffer overflow. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-787

Identificadores relacionados

ALT-PU-2020-3189

CVE-2019-15540

MGASA-2019-0404

OPENSUSE-SU-2019:2033-1

OPENSUSE-SU-2019:2040-1

OPENSUSE-SU-2019:2077-1

OPENSUSE-SU-2019_2033-1

OPENSUSE-SU-2019_2040-1

OPENSUSE-SU-2024:10957-1

Produtos afetados

Alt Linux

Suse

Libmirage

PT-2019-14256 · None+2 · Libmirage+2

CVE-2019-15540

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 19