Ubuntu.comUB:CVE-2018-5392CVE-2018-5392
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS
Percentile
37.1%
mingw-w64 version 5.0.4 by default produces executables that opt in to
ASLR, but are not compatible with ASLR. ASLR is an exploit mitigation
technique used by modern Windows platforms. For ASLR to function, Windows
executables must contain a relocations table. Despite containing the
“Dynamic base” PE header, which indicates ASLR compatibility, Windows
executables produced by mingw-w64 have the relocations table stripped from
them by default. This means that executables produced by mingw-w64 are
vulnerable to return-oriented programming (ROP) attacks. Windows
executables generated by mingw-w64 claim to be ASLR compatible, but are
not. Vulnerabilities in such executables are more easily exploitable as a
result.
References
launchpad.net/bugs/cve/CVE-2018-5392
nvd.nist.gov/vuln/detail/CVE-2018-5392
security-tracker.debian.org/tracker/CVE-2018-5392
sourceforge.net/p/mingw-w64/mailman/message/31034877/
sourceware.org/bugzilla/show_bug.cgi?id=17321
sourceware.org/bugzilla/show_bug.cgi?id=19011
www.cve.org/CVERecord?id=CVE-2018-5392
www.kb.cert.org/vuls/id/307144 (describes workaround)
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS
Percentile
37.1%