Ubuntu update for mercurial
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2018-17983 CVE-2019-3902 |
| CWE-ID | CWE-125 CWE-61 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Ubuntu Operating systems & Components / Operating system mercurial-common (Ubuntu package) Operating systems & Components / Operating system package or component mercurial (Ubuntu package) Operating systems & Components / Operating system package or component |
| Vendor | Canonical Ltd. |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Out-of-bounds read
EUVDB-ID: #VU15317
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-17983
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to obtain potentially sensitive information or cause DoS condition on the target system.
The vulnerability exists in the cext/manifest.c file due to improper parsing of manifest entries. A remote attacker can send a manifest entry that submits malicious input, trigger an out-of-bounds read condition to access sensitive information or cause a denial of service (DoS) condition.
MitigationUpdate the affected package mercurial to the latest version.
Vulnerable software versionsUbuntu: 18.04
mercurial-common (Ubuntu package): before 4.5.3-1ubuntu2.2
mercurial (Ubuntu package): before 4.5.3-1ubuntu2.2
External linkshttp://ubuntu.com/security/notices/USN-5102-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Symlink attack
EUVDB-ID: #VU29241
Risk: Medium
CVSSv3.1: 4 [CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-3902
CWE-ID:
CWE-61 - UNIX Symbolic Link (Symlink) Following
Exploit availability: No
DescriptionThe vulnerability allows a remote user to escalate privileges on the system.
The vulnerability exists due to a symlink following issue. A remote user can create a specially crafted symbolic link to and write files outside a repository.
MitigationUpdate the affected package mercurial to the latest version.
Vulnerable software versionsUbuntu: 18.04
mercurial-common (Ubuntu package): before 4.5.3-1ubuntu2.2
mercurial (Ubuntu package): before 4.5.3-1ubuntu2.2
External linkshttp://ubuntu.com/security/notices/USN-5102-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
