Lucene search

K
redosRedosROS-2-481
HistorySep 08, 2021 - 12:00 a.m.

ROS-2-481

2021-09-0800:00:00
redos.red-soft.ru
3

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

8.6 High

AI Score

Confidence

High

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

18.1%

2.481 Multiple vulnerabilities in libwebp

1. Vulnerability description:

CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause resource exhaustion and perform a denial of service (DoS) attack. CVE-2018-25014 A vulnerability in the libwebp library for encoding and decoding WebP images is related to the use of a unified variable in the ReadSymbol() function. Exploitation of the vulnerability could allow a remote attacker to trick a victim into opening a specially crafted file and executing arbitrary code on the system. CVE-2020-36331 Vulnerability in the libwebp library for encoding and decoding WebP images, related to boundary conditions in the ChunkAssignData() function. Exploitation of the vulnerability could allow a remote attacker to create a special file, trick the victim into opening it, cause a memory boundary error, and read the memory contents on the system. CVE-2020-36330 A vulnerability in the libwebp library for encoding and decoding WebP images is related to boundary conditions in the ChunkVerifyAndAssign() function. Exploitation of the vulnerability could allow an attacker acting remotely to create a special file, trick the victim into opening it, cause an error memory boundary exit, and read the memory contents on the system. CVE-2018-25013 A vulnerability in the libwebp library for encoding and decoding WebP images is related to boundary conditions in the ShiftBytes() function. Exploitation of the vulnerability could allow an attacker acting remotely to create a special file, trick the victim into opening it, cause an error memory boundary exit, and read the memory contents on the system. CVE-2018-25012 A vulnerability in the libwebp library for WebP image encoding and decoding is related to boundary conditions in the WebPMuxCreateInternal() function. Exploitation of the vulnerability could allow an attacker acting remotely to create a special file, trick the victim into opening it, cause an error memory boundary exit, and read the memory contents on the system. CVE-2018-25010 Vulnerability in libwebp library for encoding and decoding WebP images, related to boundary conditions in ApplyFilter() function. Exploitation of the vulnerability could allow an attacker acting remotely to create a special file, trick the victim into opening it, cause an error memory boundary exit, and read the memory contents on the system. CVE-2018-25009 A vulnerability in the libwebp library for WebP image encoding and decoding is related to boundary conditions in the WebPMuxCreateInternal() function. Exploitation of the vulnerability could allow an attacker acting remotely to create a special file, trick the victim into opening it, cause an error memory boundary exit, and read the memory contents on the system. CVE-2018-25011 A vulnerability in the libwebp library for encoding and decoding WebP images is related to boundary conditions in the PutLE16() function. Exploitation of the vulnerability could allow a remote attacker to create a special file, trick the victim into opening it, cause a heap-based buffer overflow, and execute arbitrary code on the target system. CVE-2020-36328 A vulnerability in the libwebp library for WebP image encoding and decoding is related to boundary conditions in the WebPDecodeRGBInto() function. Exploitation of the vulnerability could allow a remote attacker to create a special file, trick the victim into opening it, cause a heap-based buffer overflow, and execute arbitrary code on the target system. CVE-2020-36329 Vulnerability in the libwebp library for encoding and decoding WebP images, related to a post-release memory usage error. Exploitation of the vulnerability could allow a remote attacker to create a special file, trick the victim into opening it, cause a memory release error, and execute arbitrary code on the target system.IDENTIFICATOR of the Information Security Threats Data Bank of the FSTEC of Russia: BDU:2021-03107, BDU:2021-03106, BDU:2021-03105, BDU:2021-03104, BDU:2021-03102, BDU:2021-03104, BDU:2021-03098, BDU:2021-03097, BDU:2021-03099, BDU:2021-03100, BDU:2021-03101

2. Possible remedial actions to address the vulnerability

Prohibit opening files in WebP format or - install security updates for package: libwebp**Installing updates is possible in the following ways:**a) If the computer with the installed OS version has access to the vendor’s official repository, run the update as administrator with the command:# yum updateAfter the list of updated packages is displayed, agree to apply the updates by pressing the Y key on the keyboard. Wait until the update installation is complete and make sure that there are no errors during its installation.b)If the computer with the installed OS version does not have access to the vendor’s official repository, you should perform the following actions: - download the updated package (with dependencies if necessary): http://repo.red-soft.ru/redos/7.2c/x86_64/updates/libwebp-0.6.1-4.el7.x86_64.rpm Check the integrity and authenticity of the package according to instructionsInstall the downloaded package(s) with the command:# yum localinstall *.rpmWhen the list of updated packages is displayed, agree to apply the updates by pressingY on the keyboard. Wait for the updates to finish installing and make sure there are no errors during the installation.

Date of last modification: 08.09.2021

OSVersionArchitecturePackageVersionFilename
redosunknown<=Β UNKNOWN

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

8.6 High

AI Score

Confidence

High

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

18.1%