Ubuntu update for uriparser
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 4 |
| CVE-ID | CVE-2018-19198 CVE-2018-19199 CVE-2018-19200 CVE-2018-20721 |
| CWE-ID | CWE-787 CWE-190 CWE-476 CWE-125 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #4 is available. |
| Vulnerable software |
Ubuntu Operating systems & Components / Operating system liburiparser1 (Ubuntu package) Operating systems & Components / Operating system package or component |
| Vendor | Canonical Ltd. |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
1) Out-of-bounds write
EUVDB-ID: #VU15910
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-19198
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to cause DoS condition or execute arbitrary code on the target system.
The vulnerability exists due to out-of-bounds write in the uriComposeQuery* and uriComposeQueryEx* functions, as defined in the UriQuery.csource code file. A local attacker can send a specially request that submits malicious input, trigger memory corruption to cause a DoS condition or execute arbitrary code with elevated privileges.
Successful exploitation of the vulnerability may result in system compromise.
MitigationUpdate the affected package uriparser to the latest version.
Vulnerable software versionsUbuntu: 18.04
liburiparser1 (Ubuntu package): before 0.8.4-1+deb9u2build0.18.04.1
CPE2.3- cpe:2.3:o:canonical:ubuntu:18.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:liburiparser1_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-5172-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Integer overflow
EUVDB-ID: #VU15909
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-19199
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to cause DoS condition or execute arbitrary code on the target system.
The vulnerability exists due to integer overflow in the uriComposeQuery*and uriComposeQueryEx* functions, as defined in the UriQuery.c source code file. A local attacker can send a specially request that submits malicious input, trigger memory corruption to cause a DoS condition or execute arbitrary code with elevated privileges.
Successful exploitation of the vulnerability may result in system compromise.
MitigationUpdate the affected package uriparser to the latest version.
Vulnerable software versionsUbuntu: 18.04
liburiparser1 (Ubuntu package): before 0.8.4-1+deb9u2build0.18.04.1
CPE2.3 External linkshttps://ubuntu.com/security/notices/USN-5172-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Null pointer dereference
EUVDB-ID: #VU15911
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-19200
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to cause DoS condition on the target system.
The vulnerability exists in the uriResetUri* function, as defined in the UriCommon.c source code file due to the allowance of operations on a NULL input. A local attacker can send a specially request that submits malicious input, trigger NULL pointer dereference to cause a DoS condition.
MitigationUpdate the affected package uriparser to the latest version.
Vulnerable software versionsUbuntu: 18.04
liburiparser1 (Ubuntu package): before 0.8.4-1+deb9u2build0.18.04.1
CPE2.3 External linkshttps://ubuntu.com/security/notices/USN-5172-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Out-of-bounds read
EUVDB-ID: #VU17119
Risk: Low
CVSSv4.0: 7.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2018-20721
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to cause DoS condition.
The vulnerability exists in URI_FUNC() in UriParse.c in uriparser due to a boundary condition. A remote attacker can create a specially crafted Excel file, trick the victim into opening it, trigger out-of-bounds read error for an incomplete URI with an IPv6 address containing an embedded IPv4 address, such as a "//[::44.1" address and cause the service to crash.
MitigationUpdate the affected package uriparser to the latest version.
Vulnerable software versionsUbuntu: 18.04
liburiparser1 (Ubuntu package): before 0.8.4-1+deb9u2build0.18.04.1
CPE2.3 External linkshttps://ubuntu.com/security/notices/USN-5172-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
