Memory leak in cabextract (Alpine package)

1) Memory leak

EUVDB-ID: #VU22957

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-15681

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to sensitive information on the target system.

The vulnerability exists due memory leak in VNC server code. A remote attacker can read stack memory and disclose sensitive information.

Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR.

Mitigation

Install update from vendor's website.

Vulnerable software versions

cabextract (Alpine package): before 1.9.1-r0

External links

http://git.alpinelinux.org/aports/commit/?id=60d0315bb55d8dd7d0c654dbcf8ca9157bee54f2
http://git.alpinelinux.org/aports/commit/?id=bd5545fe9442912826f75d68a7f88e0a71f0f571
http://git.alpinelinux.org/aports/commit/?id=a522ceff0dc95b23c88082617eb2cb25923d5123
http://git.alpinelinux.org/aports/commit/?id=41ab224df12b8487004a1522b4f671680c082954
http://git.alpinelinux.org/aports/commit/?id=7f993019c4f6466e8d8dc2063699f749eedba865
http://git.alpinelinux.org/aports/commit/?id=bf1ec813f662f128fc6b70f37ef1c0474bb24488
http://git.alpinelinux.org/aports/commit/?id=0b572578bebcf302d72e52216fdfff53165f6e2d
http://git.alpinelinux.org/aports/commit/?id=2e95874e521137050e37c9860bead8ebf1c0a408
http://git.alpinelinux.org/aports/commit/?id=3f0b215e21eca7395224b2eb4c9ef16ce7992771

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.