Vulnerability CVE-2018-13348

Vulnerability Name:

CVE-2018-13348 (CCN-147328)

Assigned:

2018-06-06

Published:

2018-06-06

Updated:

2020-07-31

Summary:

The mpatch_decode function in mpatch.c in Mercurial before 4.6.1 mishandles certain situations where there should be at least 12 bytes remaining after the current position in the patch data, but actually are not, aka OVE-20180430-0001.

CVSS v3 Severity:

7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): High Availibility (A): None

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

Vulnerability Type:

CWE-20

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2018-13348

Source: XF
Type: UNKNOWN
mercurial-cve201813348-unspecified(147328)

Source: MLIST
Type: UNKNOWN
[debian-lts-announce] 20200731 [SECURITY] [DLA 2293-1] mercurial security update

Source: MISC
Type: Patch, Vendor Advisory
https://www.mercurial-scm.org/repo/hg/rev/90a274965de7

Source: CCN
Type: Mercurial Web site
Mercurial 4.6.1 (2018-06-06)

Source: MISC
Type: Vendor Advisory
https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.6.1_.282018-06-06.29

Vulnerable Configuration:

Configuration 1:

cpe:/a:mercurial:mercurial:*:*:*:*:*:*:*:* (Version < 4.6.1)

Configuration CCN 1:

cpe:/a:mercurial:mercurial:4.6:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:201813348	V	CVE-2018-13348	2023-06-22
oval:org.opensuse.security:def:7718	P	mercurial-5.9.1-150400.1.8 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:3124	P	libFLAC++6-1.3.0-11.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:94754	P	mercurial-5.9.1-150400.1.8 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2929	P	gdk-pixbuf-loader-rsvg-2.52.6-150400.1.7 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2919	P	file-5.32-7.14.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:112980	P	mercurial-5.9.1-2.1 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:10441	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:10440	P	Security update for MozillaFirefox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:10428	P	Security update for MozillaFirefox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:952	P	Security update for python39-pip (Moderate)	2022-01-12
oval:org.opensuse.security:def:10196	P	Security update for net-snmp (Important)	2021-12-27
oval:org.opensuse.security:def:10432	P	Security update for p11-kit (Important)	2021-12-22
oval:org.opensuse.security:def:10377	P	Security update for xen (Moderate)	2021-12-09
oval:org.opensuse.security:def:10352	P	Security update for containerd, docker, runc (Important)	2021-10-25
oval:org.opensuse.security:def:64594	P	Security update for python-Pygments (Important)	2021-10-20
oval:org.opensuse.security:def:106427	P	mercurial-5.9.1-2.1 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:71381	P	python3-pycrypto-2.6.1-1.28 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:71268	P	libjbig-devel-2.1-1.31 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:10150	P	Security update for xen (Important)	2021-09-03
oval:org.opensuse.security:def:10128	P	Security update for MozillaFirefox (Important)	2021-08-17
oval:org.opensuse.security:def:48026	P	gnutls-3.3.27-3.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47934	P	zoo-2.10-1020.56 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47802	P	libvdpau1-1.1.1-6.73 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47609	P	fontconfig-2.11.1-7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47488	P	quagga-0.99.22.1-15.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47474	P	ppc64-diag-2.7.3-1.17 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47473	P	powerpc-utils-1.3.3-5.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48174	P	libpng16-16-1.6.8-14.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:2281	P	rmt-server-2.6.8-1.2 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2274	P	postgresql-contrib-13-8.30 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2268	P	memcached-1.5.6-4.5.30 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2248	P	libct4-1.1.36-3.3.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2239	P	frr-7.4-2.25 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2235	P	dovecot23-2.3.11.3-17.5.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2279	P	qemu-5.2.0-9.18 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:68028	P	Security update for the Linux Kernel (Live Patch 16 for SLE 15 SP1) (Important)	2021-07-27
oval:org.opensuse.security:def:10689	P	Security update for bluez (Moderate)	2021-07-22
oval:org.opensuse.security:def:10120	P	Security update for curl (Moderate)	2021-07-21
oval:org.opensuse.security:def:11101	P	Security update for fossil (Moderate)	2021-07-17
oval:org.opensuse.security:def:1473	P	Security update for gupnp (Important)	2021-06-24
oval:org.opensuse.security:def:10277	P	Security update for spice-gtk (Moderate)	2021-06-10
oval:org.opensuse.security:def:48534	P	libpng12-0-1.2.50-13.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48866	P	libpolkit0-32bit-0.113-5.6.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48701	P	pidgin-otr-4.0.0-6.18 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48740	P	libpolkit0-32bit-0.113-4.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48630	P	sysconfig-0.84.0-13.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:16615	P	mercurial-2.8.2-15.13.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48722	P	gimp-2.8.10-1.164 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48721	P	gd-32bit-2.1.0-5.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48599	P	perl-XML-LibXML-2.0019-5.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11391	P	libproxy1-0.4.11-11.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:124621	P	mercurial-2.8.2-15.13.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11413	P	libvte9-0.28.2-17.83 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48472	P	libXrender1-0.9.8-3.55 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48388	P	cpio-2.11-29.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:10258	P	Security update for the Linux Kernel (Important)	2021-05-18
oval:org.opensuse.security:def:64681	P	Security update for p7zip (Moderate)	2021-05-04
oval:org.opensuse.security:def:10243	P	Security update for libnettle (Important)	2021-04-28
oval:org.opensuse.security:def:10419	P	Security update for ruby2.5 (Important)	2021-03-24
oval:org.opensuse.security:def:49466	P	Security update for python3 (Moderate)	2021-03-19
oval:org.opensuse.security:def:10664	P	Security update for the Linux Kernel (Important)	2021-02-09
oval:org.opensuse.security:def:10589	P	Security update for gimp (Important)	2020-12-28
oval:org.opensuse.security:def:2204	P	postgresql-contrib-12-2.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:17377	P	libzzip-0-13-0.13.67-10.14.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4091	P	mercurial-2.8.2-15.13.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:17385	P	rhythmbox-3.4-6.14 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16927	P	mercurial-2.8.2-15.13.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2223	P	yast2-rmt-1.3.0-1.43 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2213	P	sblim-sfcb-1.4.9-3.7 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2208	P	qemu-audio-oss-3.1.1.1-9.21.4 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:49922	P	python2-numpy on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:51364	P	Security update for mercurial (Moderate)	2020-12-01
oval:org.opensuse.security:def:18499	P	Security update for xmltooling (Important)	2020-12-01
oval:org.opensuse.security:def:17839	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:10570	P	mercurial on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10731	P	libexpat-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:18525	P	Security update for mercurial (Moderate)	2020-12-01
oval:org.opensuse.security:def:10555	P	libtool on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49790	P	libtool-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:51302	P	Security update for raptor (Important)	2020-12-01
oval:org.opensuse.security:def:10508	P	libipa_hbac-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49700	P	libtiff5-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28233	P	Security update for libvirt (Moderate)	2020-12-01
oval:org.opensuse.security:def:10462	P	libHX-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49309	P	python3-PyYAML on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27551	P	quagga on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49213	P	libpcre1-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49857	P	perl-Mail-SpamAssassin-Plugin-iXhash2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28268	P	Security update for mercurial (Moderate)	2020-12-01
oval:org.opensuse.security:def:49069	P	conntrack-tools on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17770	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:17738	P	Security update for mariadb (Moderate)	2020-12-01
oval:org.opensuse.security:def:17628	P	Security update for mpfr (Moderate)	2020-12-01
oval:org.opensuse.security:def:17592	P	Security update for krb5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:17827	P	Security update for gtk2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:17561	P	Security update for DirectFB (Important)	2020-12-01
oval:org.opensuse.security:def:27498	P	libvorbis-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17504	P	Security update for libzypp (Moderate)	2020-12-01
oval:org.opensuse.security:def:27449	P	libgnutls-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:11079	P	libtool on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17419	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:27396	P	evolution-data-server-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10753	P	libksba-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27245	P	nagios on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27161	P	kdirstat on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27537	P	popt-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26819	P	ruby on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27104	P	cvs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27023	P	quagga on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50026	P	postgresql-contrib on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26895	P	findutils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49953	P	libcacard-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26831	P	tar on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49914	P	mercurial on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:67928	P	libplist++-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17861	P	Security update for libX11 (Moderate)	2020-12-01
oval:org.opensuse.security:def:10740	P	libgssglue-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26820	P	squid on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49860	P	perl-YAML-LibYAML on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27595	P	Security update for ImageMagick	2020-12-01
oval:com.ubuntu.bionic:def:2018133480000000	V	CVE-2018-13348 on Ubuntu 18.04 LTS (bionic) - medium.	2018-07-06
oval:com.ubuntu.xenial:def:2018133480000000	V	CVE-2018-13348 on Ubuntu 16.04 LTS (xenial) - medium.	2018-07-06
oval:com.ubuntu.artful:def:201813348000	V	CVE-2018-13348 on Ubuntu 17.10 (artful) - untriaged.	2018-07-05
oval:com.ubuntu.xenial:def:201813348000	V	CVE-2018-13348 on Ubuntu 16.04 LTS (xenial) - medium.	2018-07-05
oval:com.ubuntu.bionic:def:201813348000	V	CVE-2018-13348 on Ubuntu 18.04 LTS (bionic) - medium.	2018-07-05
oval:com.ubuntu.cosmic:def:201813348000	V	CVE-2018-13348 on Ubuntu 18.10 (cosmic) - medium.	2018-07-05
oval:com.ubuntu.cosmic:def:2018133480000000	V	CVE-2018-13348 on Ubuntu 18.10 (cosmic) - medium.	2018-07-05
oval:com.ubuntu.trusty:def:201813348000	V	CVE-2018-13348 on Ubuntu 14.04 LTS (trusty) - medium.	2018-07-05

BACK