Heap-based buffer overflow in file (Alpine package)
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2019-18218 |
| CWE-ID | CWE-122 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software |
file (Alpine package) Operating systems & Components / Operating system package or component |
| Vendor | Alpine Linux Development Team |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Heap-based buffer overflow
EUVDB-ID: #VU22303
Risk: Low
CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2019-18218
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the cdf_read_property_info() function in cdf.c in file due to improper restrictions of the number of CDF_VECTOR elements. A local user can place a specially crafted CDF (Composite Document File) file on the system, trick the victim into reading it with the affected software, trigger heap-based buffer overflow (4-byte out-of-bounds write) and execute arbitrary code on the target system with elevated privileges.
MitigationInstall update from vendor's website.
Vulnerable software versionsfile (Alpine package): 5.03-r0 - 5.32-r1
CPE2.3- cpe:2.3:o:alpine:file_alpine_package:5.03-r0:*:*:*:*:alpine_linux:*:1.9
- cpe:2.3:o:alpine:file_alpine_package:5.04-r0:*:*:*:*:alpine_linux:*:1.10
- cpe:2.3:o:alpine:file_alpine_package:5.06-r0:*:*:*:*:alpine_linux:*:2.1
https://git.alpinelinux.org/aports/commit/?id=2c3c482d034409a5de8c2c754fc5985b06a97905
https://git.alpinelinux.org/aports/commit/?id=6d181d271ac91ff2d8302855abd03d6a2be5dc27
https://git.alpinelinux.org/aports/commit/?id=9746bba8b1ef891f7af4cc454546ad787884bc84
https://git.alpinelinux.org/aports/commit/?id=9ca7ff46c112e6c03d5874540a286e6e45f1b510
https://git.alpinelinux.org/aports/commit/?id=9e177e38d94223a06ed62c20ac5ba1e4c0fecf1c
https://git.alpinelinux.org/aports/commit/?id=dc538f4f70353a02d01dac905fb662412befffbe
https://git.alpinelinux.org/aports/commit/?id=33bd61f256dd1826d6a7df5ebb8a9e2fc1125ce1
https://git.alpinelinux.org/aports/commit/?id=615b572ef6341859fe6be51d0809da4e783eb89e
https://git.alpinelinux.org/aports/commit/?id=867138742023dde9397648e41743a9173432a7b2
https://git.alpinelinux.org/aports/commit/?id=a1b2628f20bfa8273eebc1d6f4bb289f8e2937ed
https://git.alpinelinux.org/aports/commit/?id=a652d113b8d06b185b3974f6ff91c7f9287c1764
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
