Integer overflow in libzmq - CVE-2019-6250
Published: January 22, 2019
Vulnerability identifier: #VU17108
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear
CVE-ID: CVE-2019-6250
CWE-ID: CWE-190
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: ZeroMQ Project
Affected software:
libzmq
libzmq
Detailed vulnerability description
The vulnerability allows a remote authenticated attacker to execute arbitrary code on the target system.
The vulnerability exists due to integer overflow in a v2_decoder.cpp zmq::v2_decoder_t::size_ready. A remote authenticated attacker can overwrite an arbitrary amount of bytes beyond the bounds of a buffer and inject OS commands into a data structure located immediately after the problematic buffer to execute arbitrary code with elevated privileges.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
How to mitigate CVE-2019-6250
Update to version 4.3.1.