Lucene search

K
archlinuxArchLinuxASA-202011-20
HistoryNov 19, 2020 - 12:00 a.m.

[ASA-202011-20] raptor: arbitrary code execution

2020-11-1900:00:00
security.archlinux.org
115

7.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

0.004 Low

EPSS

Percentile

74.5%

Arch Linux Security Advisory ASA-202011-20

Severity: Medium
Date : 2020-11-19
CVE-ID : CVE-2017-18926 CVE-2020-25713
Package : raptor
Type : arbitrary code execution
Remote : No
Link : https://security.archlinux.org/AVG-1283

Summary

The package raptor before version 2.0.15-14 is vulnerable to arbitrary
code execution.

Resolution

Upgrade to 2.0.15-14.

pacman -Syu “raptor>=2.0.15-14”

The problems have been fixed upstream but no release is available yet.

Workaround

None.

Description

  • CVE-2017-18926 (arbitrary code execution)

raptor_xml_writer_start_element_common in raptor_xml_writer.c in Raptor
RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations
for the XML writer, leading to heap-based buffer overflows (sometimes
seen in raptor_qname_format_as_xml).

  • CVE-2020-25713 (arbitrary code execution)

A malformed input file can lead to a segfault due to an out of bounds
array access in raptor_xml_writer_start_element_common.

Impact

A maliciously crafted RDF file can crash the application or execute
arbitrary code.

References

https://bugs.archlinux.org/task/68613
https://www.openwall.com/lists/oss-security/2017/06/07/1
http://bugs.librdf.org/mantis/view.php?id=617
http://bugs.librdf.org/mantis/view.php?id=618
https://github.com/dajobe/raptor/commit/590681e546cd9aa18d57dc2ea1858cb734a3863f
https://bugs.librdf.org/mantis/view.php?id=650
https://bugs.librdf.org/mantis/file_download.php?file_id=348&type=bug
https://security.archlinux.org/CVE-2017-18926
https://security.archlinux.org/CVE-2020-25713

OSVersionArchitecturePackageVersionFilename
ArchLinuxanyanyraptor< 2.0.15-14UNKNOWN

7.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

0.004 Low

EPSS

Percentile

74.5%

Related for ASA-202011-20