Fedora 26 update for mingw-wavpack
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2018-6767 CVE-2018-7253 CVE-2018-7254 |
| CWE-ID | CWE-119 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #3 is available. |
| Vulnerable software |
Fedora Operating systems & Components / Operating system mingw-wavpack Operating systems & Components / Operating system package or component |
| Vendor | Fedoraproject |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Stack-based buffer over-read
EUVDB-ID: #VU10573
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-6767
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists due to a stack-based buffer over-read in the ParseRiffHeaderConfig function of cli/riff.c file. A remote attacker can send a specially crafted RF64 file cause the application to crash.
Install updates from vendor's repository.
Vulnerable software versionsFedora: 26
mingw-wavpack: before 5.1.0-4.fc26
CPE2.3- cpe:2.3:o:fedoraproject:fedora:26:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:mingw-wavpack:*:*:*:*:*:fedora:*:*
https://bodhi.fedoraproject.org/updates/FEDORA-2018-5950093e69
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Memory corruption
EUVDB-ID: #VU10823
Risk: Low
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-7253
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unautheticated attacker to cause DoS condition on the target system.
The weakness exists in the cli/dsdiff.c source codein the ParseDsdiffHeaderConfig function due to boundary error. A remote attacker can send a specially crafted DSDIFF file, trigger memory corruption and cause the service to crash.
Install updates from vendor's repository.
Vulnerable software versionsFedora: 26
mingw-wavpack: before 5.1.0-4.fc26
CPE2.3- cpe:2.3:o:fedoraproject:fedora:26:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:mingw-wavpack:*:*:*:*:*:fedora:*:*
https://bodhi.fedoraproject.org/updates/FEDORA-2018-5950093e69
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Memory corruption
EUVDB-ID: #VU10822
Risk: Low
CVSSv4.0: 7.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2018-7254
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: Yes
DescriptionThe vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.
The weakness exists in the cli/caff.c source codein the ParseCaffHeaderConfig function due to boundary error. A remote attacker can submit a specially crafted CAF file, trigger a buffer overflow or incorrect memory allocation and cause the service to crash.
Install updates from vendor's repository.
Vulnerable software versionsFedora: 26
mingw-wavpack: before 5.1.0-4.fc26
CPE2.3- cpe:2.3:o:fedoraproject:fedora:26:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:mingw-wavpack:*:*:*:*:*:fedora:*:*
https://bodhi.fedoraproject.org/updates/FEDORA-2018-5950093e69
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
