SB2018080713 - Denial of service vulnerabilities in Mercurial
Published: August 7, 2018
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 3 secuirty vulnerabilities.
1) Buffer overflow (CVE-ID: CVE-2018-13346)
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists due to boundary error when the mpatch_apply function in mpatch.c incorrectly proceeds in cases where the fragment start is past the end of the original data. A remote unauthenticated attacker can supply specially crafted input, trigger memory corruption and cause the service to crash.
2) Integer overflow (CVE-ID: CVE-2018-13347)
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists due to integer overflow when the mpatch_decode function in mpatch.c mishandles certain situations where there should be at least 12 bytes remaining after the current position in the patch data, but actually are not. A remote unauthenticated attacker can supply specially crafted input, trigger memory corruption and cause the service to crash.
3) Buffer under-read (CVE-ID: CVE-2018-13348)
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists due to buffer under-read when the mpatch_decode function in mpatch.c mishandles certain situations where there should be at least 12 bytes remaining after the current position in the patch data, but actually are not. A remote unauthenticated attacker can supply specially crafted input, trigger memory corruption and cause the service to crash.
Remediation
Install update from vendor's website.