Heap-based buffer overflow in gnurl (Alpine package)

1) Heap-based buffer overflow

EUVDB-ID: #VU21059

Risk: Medium

CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2019-5482

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the tftp_receive_packet() function when processing TFTP data. A remote attacker can send specially crafted TFTP response to the vulnerable curl client, trigger heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

gnurl (Alpine package): 7.65.3-r0

CPE2.3

• cpe:2.3:a:alpine:gnurl_alpine_package:7.65.3-r0:*:*:*:*:alpine_linux:*:3.11

External links

https://git.alpinelinux.org/aports/commit/?id=6159078bc4d89ad55278438f77391a0e1068caad
https://git.alpinelinux.org/aports/commit/?id=8fd649824a89c73869a7bc156d86116635eb3871
https://git.alpinelinux.org/aports/commit/?id=c64caaa6d0cf04cf1a2a90b1b751edef900fd849
https://git.alpinelinux.org/aports/commit/?id=b77fa2226959933b28b88ca21a46b6ff5128f4f9
https://git.alpinelinux.org/aports/commit/?id=36ecea72e973a1cb6755d0b0ca25fed57b7c1cb8
https://git.alpinelinux.org/aports/commit/?id=1c04cce7036cdb842535ee6ad5f944794fc04c74
https://git.alpinelinux.org/aports/commit/?id=5b3d6caf5ec2dd362978aa3e81badf606daa76ef

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.