Vulnerability CVE-2019-18224

Vulnerability Name:

CVE-2019-18224 (CCN-169718)

Assigned:

2019-01-07

Published:

2019-01-07

Updated:

2019-10-29

Summary:

idn2_to_ascii_4i in lib/lookup.c in GNU libidn2 before 2.1.1 has a heap-based buffer overflow via a long domain string.

CVSS v3 Severity:

9.8 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
8.5 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

3.3 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
2.9 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

5.6 Medium (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)
4.9 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

1.7 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Type:

CWE-787
CWE-122

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2019-18224

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2019:2613

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2019:2611

Source: CCN
Type: Google Security Research Issue 12420
libidn2/libidn2_to_ascii_8z_fuzzer: Heap-buffer-overflow in idn2_to_ascii_4i

Source: MISC
Type: Exploit, Issue Tracking, Third Party Advisory
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12420

Source: XF
Type: UNKNOWN
gnu-libidn2-cve201918224-dos(169718)

Source: CCN
Type: libidn2 GIT Repository
idn2_to_ascii_4i(): Restrict output length to 63

Source: MISC
Type: Patch, Third Party Advisory
https://github.com/libidn/libidn2/commit/e4d1558aa2c1c04a05066ee8600f37603890ba8c

Source: MISC
Type: Release Notes, Third Party Advisory
https://github.com/libidn/libidn2/compare/libidn2-2.1.0...libidn2-2.1.1

Source: FEDORA
Type: UNKNOWN
FEDORA-2019-a8d35fcf7c

Source: FEDORA
Type: UNKNOWN
FEDORA-2019-d3221d69e0

Source: BUGTRAQ
Type: UNKNOWN
20200203 [SECURITY] [DSA 4613-1] libidn2 security update

Source: GENTOO
Type: UNKNOWN
GLSA-202003-63

Source: UBUNTU
Type: UNKNOWN
USN-4168-1

Source: DEBIAN
Type: UNKNOWN
DSA-4613

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2019-18224

Vulnerable Configuration:

Configuration 1:

cpe:/a:gnu:libidn2:*:*:*:*:*:*:*:* (Version < 2.1.1)

Configuration RedHat 1:

cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:*

Configuration RedHat 3:

cpe:/a:redhat:enterprise_linux:8::crb:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:8:*:*:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:8::baseos:*:*:*:*:*

Configuration CCN 1:

cpe:/a:gnu:libidn2:2.1.0:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:201918224	V	CVE-2019-18224	2023-06-22
oval:org.opensuse.security:def:7598	P	libidn2-0-2.2.0-3.6.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:51982	P	Security update for python-certifi (Important)	2023-01-25
oval:org.opensuse.security:def:734	P	Security update for openvswitch (Moderate)	2022-09-06
oval:org.opensuse.security:def:3013	P	apache2-mod_nss-1.0.14-19.9.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3338	P	python-PyYAML-3.12-26.6.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3326	P	perl-DBD-mysql-4.021-12.5.2 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3611	P	libjasper1-1.900.14-195.15.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3599	P	libgoa-1_0-0-3.20.8-10.4.50 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:2961	P	kernel-firmware-all-20220119-150400.2.3 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2870	P	autofs-5.1.3-150000.7.11.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2959	P	kdump-1.0.2+git10.g26f0b96-150400.1.4 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2951	P	hunspell-1.6.2-3.8.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2945	P	gstreamer-1.20.1-150400.1.5 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94643	P	libidn2-0-2.2.0-3.6.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2921	P	flac-devel-1.3.2-3.9.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2912	P	e2fsprogs-1.46.4-150400.1.80 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2906	P	dbus-1-glib-0.108-1.29 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2892	P	coreutils-8.32-150400.7.5 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2880	P	bluez-5.62-150400.2.5 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2874	P	bash-4.4-150400.25.22 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:140	P	libidn2-0-2.2.0-3.6.1 on GA media (Moderate)	2022-06-13
oval:org.opensuse.security:def:1069	P	Security update for ImageMagick (Moderate)	2022-05-20
oval:org.opensuse.security:def:1435	P	Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP3) (Important)	2022-03-01
oval:org.opensuse.security:def:112652	P	libidn2-0-2.3.2-1.2 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:64835	P	Security update for systemd (Moderate)	2022-01-11
oval:org.opensuse.security:def:51709	P	Security update for openssh (Important)	2021-12-06
oval:org.opensuse.security:def:68269	P	Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP2) (Important)	2021-10-12
oval:org.opensuse.security:def:106133	P	libidn2-0-2.3.2-1.2 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:1634	P	Security update for shibboleth-sp (Low)	2021-09-28
oval:org.opensuse.security:def:63223	P	libwsman-devel-2.6.7-3.3.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:69721	P	Security update for mariadb (Moderate)	2021-08-25
oval:org.opensuse.security:def:47967	P	busybox-1.21.1-3.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47953	P	apache2-mod_perl-2.0.8-11.43 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48287	P	python-pywbem-0.7.0-4.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48166	P	libotr5-4.0.0-9.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48152	P	libmusicbrainz4-2.1.5-27.79 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47952	P	apache2-mod_nss-1.0.14-19.9.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48151	P	libmspack0-0.4-14.4 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48281	P	python-cupshelpers-1.5.7-7.5 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48088	P	libXvMC1-1.0.8-7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:63361	P	openssh-fips-8.4p1-1.30 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2272	P	openssh-fips-8.4p1-1.30 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63021	P	libpcp-devel-4.3.1-3.11.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62742	P	flatpak-1.10.2-4.6.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:72095	P	xen-libs-4.14.1_16-1.6 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62158	P	libidn2-0-2.2.0-3.6.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:71899	P	libidn2-0-2.2.0-3.6.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:100916	P	libidn2-0-2.2.0-3.6.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:48852	P	libfbembed2_5-2.5.2.26539-15.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48704	P	raptor-2.0.10-3.67 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48612	P	quagga-0.99.22.1-12.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48480	P	libapr-util1-1.5.3-1.46 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48951	P	libvdpau1-32bit-1.1.1-6.73 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48867	P	libproxy1-networkmanager-32bit-0.4.13-16.6 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48653	P	xorg-x11-7.6_1-14.8 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48505	P	libimobiledevice6-1.2.0-7.31 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48413	P	evince-3.20.1-5.66 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:74350	P	Security update for libass (Moderate)	2021-05-20
oval:org.opensuse.security:def:49121	P	Security update for containerd, docker, runc (Important)	2021-04-30
oval:org.opensuse.security:def:68169	P	Security update for the Linux Kernel (Live Patch 8 for SLE 15 SP2) (Important)	2021-04-28
oval:org.opensuse.security:def:69826	P	Security update for spamassassin (Important)	2021-04-13
oval:org.opensuse.security:def:68755	P	Security update for python-bottle (Important)	2021-02-16
oval:org.opensuse.security:def:93790	P	(Important)	2021-02-11
oval:org.opensuse.security:def:49465	P	Security update for nodejs10 (Moderate)	2021-01-12
oval:org.opensuse.security:def:63587	P	libopencv3_3-3.3.1-4.5 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2073	P	librelp-devel-1.2.15-1.15 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62565	P	libmodplug-devel-0.3.9-3.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:61823	P	libidn2-0-2.2.0-3.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62541	P	libXp6-32bit-1.0.3-1.24 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:71564	P	libidn2-0-2.2.0-3.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:71622	P	libsndfile-devel-1.0.28-5.5.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62542	P	libXrandr2-32bit-1.5.1-2.17 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:49013	P	libid3tag0-0.15.1b-184.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:107169	P	libidn2-0-2.2.0-3.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:116727	P	libidn2-0-2.2.0-3.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:72211	P	rtkit-0.11+git.20130926-1.34 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:100503	P	libidn2-0-2.2.0-3.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:71509	P	ipmitool-1.8.18+git20200204.7ccea28-1.22 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2597	P	Security update for containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork (Important)	2020-12-02
oval:org.opensuse.security:def:2686	P	Security update for wireshark (Moderate)	2020-12-02
oval:org.opensuse.security:def:2678	P	Security update for ImageMagick (Moderate)	2020-12-02
oval:org.opensuse.security:def:2672	P	Security update for ghostscript (Important)	2020-12-02
oval:org.opensuse.security:def:2648	P	Security update for gdm (Moderate)	2020-12-02
oval:org.opensuse.security:def:2639	P	Security update for cups (Moderate)	2020-12-02
oval:org.opensuse.security:def:2633	P	Security update for tiff (Moderate)	2020-12-02
oval:org.opensuse.security:def:2619	P	Security update for conmon, fuse-overlayfs, libcontainers-common, podman (Moderate)	2020-12-02
oval:org.opensuse.security:def:2607	P	Security update for docker (Moderate)	2020-12-02
oval:org.opensuse.security:def:2601	P	Security update for docker (Moderate)	2020-12-02
oval:org.opensuse.security:def:49115	P	Security update for python-setuptools (Important)	2020-12-02
oval:org.opensuse.security:def:2688	P	Security update for bluez (Moderate)	2020-12-02
oval:org.opensuse.security:def:50602	P	Recommended update for sles12sp3-docker-image, sles12sp4-image, system-user-root (Important)	2020-12-01
oval:org.opensuse.security:def:49212	P	libpcap-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49150	P	libXrender-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49066	P	chrony on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50433	P	Security update for bzip2 (Important)	2020-12-01
oval:org.opensuse.security:def:52044	P	Security update for libidn2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:50360	P	Security update for MozillaFirefox, mozilla-nspr and mozilla-nss (Important)	2020-12-01
oval:org.opensuse.security:def:73161	P	libidn2-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49078	P	dbus-1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:66378	P	dstat on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49114	P	gstreamer on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50510	P	Security update for libidn2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:64298	P	libXcursor-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:74476	P	Security update for libidn2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:50264	P	Security update for openvpn (Moderate)	2020-12-01
oval:org.opensuse.security:def:50194	P	libgadu-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50104	P	uuidd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50706	P	Security update for strongswan (Important)	2020-12-01
oval:org.opensuse.security:def:64922	P	Security update for libidn2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:49866	P	subversion-bash-completion on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50633	P	Security update for LibreOffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:49709	P	perl-MIME-Charset on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49277	P	mozilla-nspr-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49387	P	NetworkManager on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49611	P	accountsservice on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50456	P	Security update for curl (Important)	2020-12-01
oval:org.opensuse.security:def:73043	P	bind-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:68858	P	Security update for libidn2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:49260	P	libwscodecs1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49180	P	libjbig-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50709	P	Security update for libidn2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:49133	P	lftp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49109	P	graphite2-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50537	P	Security update for lftp (Moderate)	2020-12-01
oval:org.opensuse.security:def:50467	P	Security update for nghttp2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:50377	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:65511	P	Security update for libidn2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:50139	P	bluez-cups on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:64410	P	libykcs11-1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49982	P	stunnel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50329	P	Security update for net-snmp (Important)	2020-12-01
oval:org.opensuse.security:def:49884	P	reiserfs-kmp-default on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50655	P	Security update for util-linux and shadow (Moderate)	2020-12-01
oval:org.opensuse.security:def:49738	P	glibc-devel-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49533	P	libSoundTouch0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49379	P	containerd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:51771	P	Security update for libidn2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:49406	P	gdm on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49308	P	python3-Jinja2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49388	P	PackageKit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:64256	P	gc-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:65421	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:64154	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:64048	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:66470	P	libidn2-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:63914	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:49175	P	libidn2-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:110100	P	Security update for libidn2 (Moderate)	2019-12-03
oval:org.opensuse.security:def:90877	P	Security update for libidn2 (Moderate)	2019-11-28
oval:org.opensuse.security:def:99838	P	(Moderate)	2019-11-28
oval:org.opensuse.security:def:103903	P	Security update for libidn2 (Moderate)	2019-11-28
oval:org.opensuse.security:def:100175	P	(Moderate)	2019-11-28
oval:org.opensuse.security:def:104532	P	Security update for libidn2 (Moderate)	2019-11-28
oval:org.opensuse.security:def:97842	P	Security update for libidn2 (Moderate)	2019-11-28
oval:org.opensuse.security:def:90248	P	Security update for libidn2 (Moderate)	2019-11-28
oval:org.opensuse.security:def:75238	P	Security update for libidn2 (Moderate)	2019-11-28
oval:com.redhat.rhba:def:20193621	P	RHBA-2019:3621: libidn2 bug fix and enhancement update (Moderate)	2019-11-05
oval:com.ubuntu.disco:def:2019182240000000	V	CVE-2019-18224 on Ubuntu 19.04 (disco) - medium.	2019-10-21
oval:com.ubuntu.bionic:def:2019182240000000	V	CVE-2019-18224 on Ubuntu 18.04 LTS (bionic) - medium.	2019-10-21
oval:com.ubuntu.xenial:def:2019182240000000	V	CVE-2019-18224 on Ubuntu 16.04 LTS (xenial) - medium.	2019-10-21

BACK