Heap-based buffer overflow in cups-filters (Alpine package)

1) Heap-based buffer overflow

EUVDB-ID: #VU32359

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2015-3279

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in Integer overflow in filter/texttopdf.c in texttopdf in cups-filters before 1.0.71. A remote attacker can use a crafted line size in a print job to trigger heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

cups-filters (Alpine package): 1.0.41-r0 - 1.0.53-r0

CPE2.3

• cpe:2.3:o:alpine:cups-filters_alpine_package:1.0.41-r0:*:*:*:*:alpine_linux:*:2.6
• cpe:2.3:o:alpine:cups-filters_alpine_package:1.0.41-r1:*:*:*:*:alpine_linux:*:2.7
• cpe:2.3:o:alpine:cups-filters_alpine_package:1.0.53-r0:*:*:*:*:alpine_linux:*:2.7

External links

https://git.alpinelinux.org/aports/commit/?id=22d19ae2549dce27eef57e63f84720df9bcf1866
https://git.alpinelinux.org/aports/commit/?id=488722e3b47341f0ebaef2fad757f987685538dc
https://git.alpinelinux.org/aports/commit/?id=f00233cea0ab2fa72c0fb478de0cefb4e88d23b4
https://git.alpinelinux.org/aports/commit/?id=1be44ca392422273ad3c7ecb613c385392e93745

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.