#VU33054 Integer overflow - CVE-2017-9832

Cybersecurity Help s.r.o.

Published: 2017-06-24 | Updated: 2020-08-03

Vulnerability identifier: #VU33054

Vulnerability risk: Medium

CVSSv4.0: 4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2017-9832

CWE-ID: CWE-190

Exploitation vector: Local

Exploit availability: No

Description

The vulnerability allows a local non-authenticated attacker to execute arbitrary code.

An integer overflow vulnerability in ptp-pack.c (ptp_unpack_OPL function) of libmtp (version 1.1.12 and below) allows attackers to cause a denial of service (out-of-bounds memory access) or maybe remote code execution by inserting a mobile device into a personal computer through a USB cable.

Mitigation
Install update from vendor's website.

External links
https://lists.debian.org/debian-lts-announce/2020/04/msg00003.html
https://sourceforge.net/p/libmtp/mailman/message/35729062

Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Integer overflow in libmtp (Alpine package)

Fedora 24 update for libmtp

Fedora 25 update for libmtp

Fedora 26 update for libmtp

Fedora EPEL 6 update for libmtp11