JVN#42883072: Kaitai Struct: compiler vulnerable to denial-of-service (DoS)

2022-08-04 00:00:00
Japan Vulnerability Notes (jvn.jp)
Tags: kaitai struct, denial-of-service, snakeyaml

CVSS2: 5

  • Attack Vector: NETWORK
  • Attack Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: NONE
  • Integrity Impact: NONE
  • Availability Impact: PARTIAL
  • Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3: 7.5

  • Attack Vector: NETWORK
  • Attack Complexity: LOW
  • Privileges Required: NONE
  • User Interaction: NONE
  • Scope: UNCHANGED
  • Confidentiality Impact: NONE
  • Integrity Impact: NONE
  • Availability Impact: HIGH
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS: 0.019 (percentile: 88.5%)

Kaitai Struct: compiler, provided by the Kaitai team, bundles SnakeYAML library version 1.25, which it uses to parse .ksy files.
SnakeYAML version 1.25 expands recursive aliases without any limit (CWE-674), so Kaitai Struct: compiler is vulnerable to a denial-of-service (DoS) attack of the Billion Laughs type.
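
A pre-flight check for untrusted .ksy files, added here as an example and not taken from the advisory or from Kaitai Struct: it walks the YAML syntax tree with Ruby's bundled Psych parser, which leaves aliases unexpanded, and computes how many nodes full alias expansion would produce. `MAX_EXPANDED_NODES`, `check_ksy` and both sample documents are assumptions made for illustration.

```ruby
require "psych"

# Assumed ceiling; set it to the largest legitimate .ksy you expect to compile.
MAX_EXPANDED_NODES = 100_000

class AliasBombError < StandardError; end

# Size of the tree a loader would build if every alias were copied in full.
# `anchors` maps an anchor name to its finished size, or to :open while that
# node is still being walked (an alias to an :open anchor is recursive).
def expanded_size(node, anchors)
  if node.is_a?(Psych::Nodes::Alias)
    size = anchors[node.anchor]
    return size if size.is_a?(Integer)
    raise AliasBombError, "recursive or undefined alias *#{node.anchor}"
  end
  name = node.anchor
  anchors[name] = :open if name
  # Scalars carry no child list, hence Array(); mappings list keys and values.
  size = 1 + Array(node.children).sum { |child| expanded_size(child, anchors) }
  raise AliasBombError, "expands past #{MAX_EXPANDED_NODES} nodes" if size > MAX_EXPANDED_NODES
  anchors[name] = size if name
  size
end

# Returns [:ok, node_count] or [:reject, reason]. Psych.parse only builds the
# syntax tree, so aliases stay as single nodes and are never expanded here.
def check_ksy(text)
  doc = Psych.parse(text)
  return [:ok, 0] unless doc && doc.root
  [:ok, expanded_size(doc.root, {})]
rescue AliasBombError, Psych::SyntaxError => e
  [:reject, e.message]
end

# Constructed sample: small alias fan-out, expands to 65 nodes.
SMALL_KSY = <<~YAML
  meta:
    id: constructed_sample
  a: &a ["x", "x", "x"]
  b: &b [*a, *a, *a]
  c: &c [*b, *b, *b]
YAML

# Constructed sample: nine levels, each referencing the previous one nine times.
BOMB_KSY = (1..8).reduce(["l0: &l0 [x, x, x, x, x, x, x, x, x]"]) { |lines, i|
  refs = Array.new(9, "*l#{i - 1}").join(", ")
  lines << "l#{i}: &l#{i} [#{refs}]"
}.join("\n")
```

The check runs in time linear in the size of the file, because each anchor's expanded size is computed once and reused for every alias that points to it.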

Impact

Processing untrusted .ksy files may cause a denial-of-service (DoS) condition.

Solution

Update the software
Update the software to the latest version according to the information provided by the developer.
According to the developer, this vulnerability has been fixed in version 0.10 by updating the bundled SnakeYAML library.

Products Affected

  • Kaitai Struct: compiler 0.9 and earlier
