#VU14213 Buffer under-read in Mercurial - CVE-2018-13348

Cybersecurity Help s.r.o.

Published: 2018-08-07

Vulnerability identifier: #VU14213

Vulnerability risk: Low

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-13348

CWE-ID: CWE-124

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Mercurial
Client/Desktop applications / Other client software

Vendor: Mercurial

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to buffer under-read when the mpatch_decode function in mpatch.c mishandles certain situations where there should be at least 12 bytes remaining after the current position in the patch data, but actually are not. A remote unauthenticated attacker can supply specially crafted input, trigger memory corruption and cause the service to crash.

Mitigation
Update to version 4.6.1.

Vulnerable software versions

Mercurial: 4.0.0 - 4.6.0

External links
https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.6.1_.282018-06-06.29

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Denial of service vulnerabilities in Mercurial

OpenSUSE Linux update for mercurial