CVE-2019-6136

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions libIEC61850 version 1.3.1

Description A problem has been identified in the Ethernet setProtocolFilter function, located in the hal/ethernet/linux/ethernet linux.c file, which can cause a segmentation fault (SEGV). This issue is demonstrated by the example files sv subscriber example.c and sv subscriber.c.

Recommendations For libIEC61850 version 1.3.1, consider restricting access to the Ethernet setProtocolFilter function until a patch is available. As a temporary workaround, avoid using the Ethernet setProtocolFilter function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

ALT-PU-2020-3467

ALT-PU-2020-3487

ALT-PU-2024-11160

CVE-2019-6136

Affected Products

Alt Linux

Libiec61850

CVE-2019-6136

Related Identifiers

Affected Products

References · 3