CVE-2017-18199

2018-02-2400:00:00

ubuntu.com

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.004

Percentile

74.9%

JSON

realloc_symlink in rock.c in GNU libcdio before 1.0.0 allows remote
attackers to cause a denial of service (NULL Pointer Dereference) via a
crafted iso file.

Notes

Author	Note
ccdm94	there is no explicit information mentioning what is the patch for this CVE, but it looks like it might have been fixed together with other issues in commit b9ab2a9d36a, according to the comment in the NEWS file. This is the commit that patches CVE-2017-18198. No other changes made to the to the code seem to be related to this vulnerability other than e73a8bb23a4, which looks like an initial version of something improved by commit b9ab2a9d36a. Commit e73a8bb23a4 fixes issue 52091 which is very similar to the issue that is CVE-2017-18198. CVE-2017-18199 involves code that is closely related to the code that is affected by CVE-2017-18198, and further research indicates that the POC for this latter CVE no longer causes a crash when commit e73a8bb23a4 is applied, so it is adequate to assume that it fixes CVE-2017-18199 and that commit b9ab2a9d36a, the improved version of e73a8bb23a4, does so as well.

Author

Note

ccdm94

there is no explicit information mentioning what is the patch for this CVE, but it looks like it might have been fixed together with other issues in commit b9ab2a9d36a, according to the comment in the NEWS file. This is the commit that patches CVE-2017-18198. No other changes made to the to the code seem to be related to this vulnerability other than e73a8bb23a4, which looks like an initial version of something improved by commit b9ab2a9d36a. Commit e73a8bb23a4 fixes issue 52091 which is very similar to the issue that is CVE-2017-18198. CVE-2017-18199 involves code that is closely related to the code that is affected by CVE-2017-18198, and further research indicates that the POC for this latter CVE no longer causes a crash when commit e73a8bb23a4 is applied, so it is adequate to assume that it fixes CVE-2017-18199 and that commit b9ab2a9d36a, the improved version of e73a8bb23a4, does so as well.

OSVersionArchitecturePackageVersionFilename
ubuntu14.04noarchlibcdio< 0.83-4.1ubuntu1+esm1UNKNOWN
ubuntu16.04noarchlibcdio< 0.83-4.2ubuntu1+esm1UNKNOWN