#VU13263 Memory corruption in libvorbis - CVE-2018-10392


| Updated: 2018-06-12

Vulnerability identifier: #VU13263

Vulnerability risk: Low

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-10392

CWE-ID: CWE-119

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
libvorbis
Universal components / Libraries / Libraries used by multiple products

Vendor: xiph.org

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to improper validation of the number of channels by mapping0_forward in mapping0.c in Xiph.Org libvorbis. A remote unauthenticated attacker can send a specially crafted file, trigger heap-based buffer overflow or over-read and cause the service to crash.

Mitigation
Install update from vendor's website.

Vulnerable software versions

libvorbis: 1.3.6

External links
https://gitlab.xiph.org/xiph/vorbis/issues/2335

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Ubuntu update for libvorbis
Memory corruption in firefox-esr (Alpine package)
Memory corruption in busybox (Alpine package)
Gentoo update for libvorbis
Red Hat update for libvorbis
Fedora 29 update for mingw-libvorbis
Fedora 28 update for libvorbis
Memory corruption in libvorbis (Alpine package)
OpenSUSE Linux update for libvorbis
OpenSUSE Linux update for libvorbis