Heap-based buffer over-read in LibSass

#VU16234 Heap-based buffer over-read in LibSass

Published: 2018-12-04

Vulnerability identifier: #VU16234

Vulnerability risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C]

CVE-ID: CVE-2018-19839

CWE-ID: CWE-126

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
LibSass
Universal components / Libraries / Libraries used by multiple products

Vendor: Sass

Description

The vulnerability allows a remote attacker to cause DoS condition.

The vulnerability exists due to heap-based buffer over-read in the function handle_error in sass_context.cpp. A remote attacker can send a specially crafted sass file, trigger memory corruption and cause the service to crash.

Mitigation
Update to version 3.5.5.

Vulnerable software versions

LibSass: 3.4.0 - 3.5.4

External links
http://github.com/sass/libsass/issues/2657

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

Latest bulletins with this vulnerability

Multiple vulnerabilities in IBM Watson Machine Learning Accelerator on Cloud Pak for Data

Multiple vulnerabilities in IBM QRadar User Behavior Analytics

Multiple vulnerabilities in IBM Edge Application Manager

Multiple vulnerabilities in IBM Security Verify Information Queue

Denial of service in LibSass