#VU17714 Stack-based buffer overflow in gpsd and microjson - CVE-2018-17937

Cybersecurity Help s.r.o.

Published: 2019-02-15

Vulnerability identifier: #VU17714

Vulnerability risk: Medium

CVSSv4.0: 5.2 [CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2018-17937

CWE-ID: CWE-121

Exploitation vector: Local network

Exploit availability: No

Vulnerable software:
gpsd
Client/Desktop applications / Other client software
microjson
Client/Desktop applications / Office applications

Vendor: Eric S. Raymond

Description

The vulnerability allows an adjacent attacker to gain elevated privileges on the target system.

The vulnerability exists due to a boundary error when handling malicious input. An adjacent attacker can trigger stack-based buffer overflow and execute arbitrary code via traffic on Port 2947/TCP or crafted JSON inputs.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation
Update gpsd to version 3.18 or later.
Update microjson to version 1.4.

Vulnerable software versions

gpsd: 2.90 - 3.17

microjson: 1.0 - 1.3

External links
https://ics-cert.us-cert.gov/advisories/ICSA-18-310-01

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Gentoo update for gpsd

Fedora 29 update for gpsd

Fedora 28 update for gpsd

Privilege escalation in gpsd and microjson