CentOS 7 update for gupnp



Published: 2021-06-16
Risk Low
Patch available YES
Number of vulnerabilities 6
CVE ID CVE-2017-18267
CVE-2018-10733
CVE-2018-10767
CVE-2018-10768
CVE-2018-12910
CVE-2018-13988
CWE ID CWE-674
CWE-126
CWE-476
CWE-20
CWE-125
CWE-120
Exploitation vector Network
Public exploit Public exploit code for vulnerability #3 is available.
Vulnerable software
Subscribe
CentOS
Operating systems & Components / Operating system

Vendor CentOS Project

Security Advisory

1) Uncontrolled recursion

Risk: Low

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2017-18267

CWE-ID: CWE-674 - Uncontrolled Recursion

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in the FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc due to infinite recursion. A remote attacker can trick the victim into opening a specially crafted PDF file and cause the service to crash.

Mitigation

Update the affected packages.

Vulnerable software versions

CentOS: 7

CPE External links

https://lists.centos.org/pipermail/centos-announce/2021-June/048340.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Heap-based buffer over-read

Risk: Low

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2018-10733

CWE-ID: CWE-126 - Buffer Over-read

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in the function ft_font_face_hash of gxps-fonts.c due to heap-based buffer over-read. A remote attacker can trigger memory corruption and cause the service to crash.

Mitigation

Update the affected packages.

Vulnerable software versions

CentOS: 7

CPE External links

https://lists.centos.org/pipermail/centos-announce/2021-June/048340.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Stack-based buffer over-read

Risk: Low

CVSSv3.1: 4.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:U] [PCI]

CVE-ID: CVE-2018-10767

CWE-ID: CWE-126 - Buffer Over-read

Exploit availability: No

Description

The vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.

The weakness exists in the gxps_images_guess_content_type function due to improper rejection of negative return values from a g_input_stream_read call. A remote attacker can submit a specially crafted request, trigger stack-based buffer overread when calling GLib in the gxps_images_guess_content_typefunction, as defined in the gxps-images.c source code file, and cause the service to crash.

Mitigation

Update the affected packages.

Vulnerable software versions

CentOS: 7

CPE External links

https://lists.centos.org/pipermail/centos-announce/2021-June/048340.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

4) NULL pointer dereference

Risk: Low

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2018-10768

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in the AnnotPath::getCoordsLength function in Annot.h due to NULL pointer dereference. A remote attacker can cause the service to crash.

Mitigation

Update the affected packages.

Vulnerable software versions

CentOS: 7

CPE External links

https://lists.centos.org/pipermail/centos-announce/2021-June/048340.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Out-of-bounds read

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2018-12910

CWE-ID: CWE-20 - Improper Input Validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information or cause DoS condition on the target system.

The weakness exists due to insufficient validation of cookie requests. A remote attacker can supply specially crafted cookie request, trigger out-of-bounds memory read and gain access to arbitrary data or cause the service to crash.

Mitigation

Update the affected packages.

Vulnerable software versions

CentOS: 7

CPE External links

https://lists.centos.org/pipermail/centos-announce/2021-June/048340.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Buffer overflow

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2018-13988

CWE-ID: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists in the image rendering functionality due to buffer overflow when handling malicious input. A remote unauthenticated attacker can trick the victim into opening a specially crafted PDF file, trigger memory corruption and cause the system to crash.

Mitigation

Update the affected packages.

Vulnerable software versions

CentOS: 7

CPE External links

https://lists.centos.org/pipermail/centos-announce/2021-June/048340.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###