SB2020093043 - Red Hat Enterprise Linux 7 update for audiofile

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2020093043

SB2020093043 - Red Hat Enterprise Linux 7 update for audiofile

Published: September 30, 2020

Security Bulletin ID SB2020093043
Severity
High
Patch available
YES
Number of vulnerabilities 2
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 50% Low 50%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 2 secuirty vulnerabilities.


1) Null pointer dereference (CVE-ID: CVE-2018-13440)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists in the ModuleState::setup function, as defined in the modules/ModuleState.cpp source code file due to a NULL pointer exception bug. A remote attacker can send a malicious CAF file, trigger a NULL pointer dereference condition and cause the affected application to crash.


2) Heap-based buffer overflow (CVE-ID: CVE-2018-17095)

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The vulnerability exists in the ModuleState::setup function due to a heap-based buffer overflow condition that occurs when running sfconvert. A remote attacker can trick the victim into opening or executing a specially crafted file that submits malicious input, trigger memory corruption and cause the service to crash or execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.


Remediation

Install update from vendor's website.

References