PT-2019-1509 · Zeromq+2 · Libzmq+2

Guido Vranken

Published

2019-01-08

Updated

2024-06-15

CVE-2019-6250

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions ZeroMQ libzmq versions 4.2.x through 4.3.0

Description The issue is caused by an integer overflow in the ZeroMQ libzmq library, which can be exploited by a remote attacker to execute arbitrary code. Specifically, a v2 decoder t::size ready integer overflow in v2 decoder.cpp allows an authenticated attacker to overwrite an arbitrary amount of bytes beyond the bounds of a buffer. This can be leveraged to run arbitrary code on the target system by injecting OS commands into a data structure located immediately after the problematic buffer.

Recommendations For ZeroMQ libzmq versions 4.2.x through 4.3.0, update to version 4.3.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the v2 decoder t::size ready function to minimize the risk of exploitation.

Exploit

Fix

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-190

Related Identifiers

ALT-PU-2022-1314

BDU:2019-00952

CVE-2019-6250

DSA-4368-1

MGASA-2019-0054

OPENSUSE-SU-2019:0087-1

OPENSUSE-SU-2019_0064-1

OPENSUSE-SU-2019_0087-1

OPENSUSE-SU-2024:11264-1

OPENSUSE-SU-2024:11540-1

OPENSUSE-SU-2024:13821-1

SUSE-FU-2022:0444-1

SUSE-FU-2022:0445-1

SUSE-SU-2019:0110-1

SUSE-SU-2019_0110-1

Affected Products

Alt Linux

Suse

Libzmq

PT-2019-1509 · Zeromq+2 · Libzmq+2

CVE-2019-6250

Weakness Enumeration

Related Identifiers

Affected Products

References · 27