#VU37364 Use-after-free in libming and Debian Linux - CVE-2018-9009


| Updated: 2020-08-08

Vulnerability identifier: #VU37364

Vulnerability risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2018-9009

CWE-ID: CWE-416

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
libming
Universal components / Libraries / Libraries used by multiple products
Debian Linux
Operating systems & Components / Operating system

Vendor: libming.org
Debian

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

In libming 0.4.8, there is a use-after-free in the decompileJUMP function of the decompile.c file.

Mitigation
Install update from vendor's website.

Vulnerable software versions

libming: 0.4.8

Debian Linux: 0.4.8 - 7.0

External links
https://github.com/libming/libming/issues/131
https://lists.debian.org/debian-lts-announce/2018/05/msg00017.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/47KZ5RYWQMBN5DVDITBVRDNDCSFNBJ3V/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CQNIJH5EQV2D6KEFGY2467ZS4I7TZLXP/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LBFCINUX3XXAPPH77OH6NKACBPFBQXXW/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Fedora 32 update for ming
Fedora 31 update for ming
Fedora 30 update for ming
Fedora 29 update for ming
Multiple vulnerabilities in libming