Vulnerability Name:

CVE-2020-28928 (CCN-192091)

Assigned:2020-11-19
Published:2020-11-19
Updated:2021-12-02
Summary:In musl libc through 1.2.1, wcsnrtombs mishandles particular combinations of destination buffer size and source character limit, as demonstrated by an invalid write access (buffer overflow).
CVSS v3 Severity:5.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
4.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
6.2 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
5.4 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
CVSS v2 Severity:2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
4.9 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
Vulnerability Type:CWE-787
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2020-28928

Source: CONFIRM
Type: Mailing List, Third Party Advisory
http://www.openwall.com/lists/oss-security/2020/11/20/4

Source: XF
Type: UNKNOWN
musllibc-cve202028928-dos(192091)

Source: MLIST
Type: Mailing List, Third Party Advisory
[apisix-notifications] 20210428 [GitHub] [apisix-docker] starsz merged pull request #166: fix: upgrade alpine version due to CVE-2020-28928

Source: MLIST
Type: Mailing List, Third Party Advisory
[apisix-notifications] 20210428 [apisix-docker] branch master updated: fix: upgrade alpine version due to CVE-2020-28928 (#166)

Source: MLIST
Type: Mailing List, Third Party Advisory
[apisix-notifications] 20210428 [GitHub] [apisix-docker] tao12345666333 opened a new pull request #166: fix: upgrade alpine version due to CVE-2020-28928

Source: MLIST
Type: Mailing List, Third Party Advisory
[debian-lts-announce] 20201130 [SECURITY] [DLA 2474-1] musl security update

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-0cf36f9134

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-4892dbbf76

Source: MISC
Type: Release Notes, Vendor Advisory
https://musl.libc.org/releases.html

Source: CCN
Type: oss-sec Mailing List, Thu, 19 Nov 2020 18:47:22 -0500
CVE-2020-28928: musl libc: wcsnrtombs destination buffer overflow

Source: CCN
Type: IBM Security Bulletin 6409294 (Security QRadar Analyst Workflow)
IBM Security QRadar Analyst Workflow add on to IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6491653 (Security Verify Bridge)
ultiple vulnerabilities fixed in IBM Security Verify Bridge - Docker

Source: CCN
Type: musl libc Web site
musl libc

Source: N/A
Type: Patch, Third Party Advisory
N/A

Source: CCN
Type: Oracle CPUJul2021
Oracle Critical Patch Update Advisory - July 2021

Source: MISC
Type: Patch, Third Party Advisory
https://www.oracle.com/security-alerts/cpuoct2021.html

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2020-28928

Vulnerable Configuration:Configuration 1:
  • cpe:/a:musl-libc:musl:*:*:*:*:*:*:*:* (Version <= 1.2.1)

    • Configuration 2:
  • cpe:/o:debian:debian_linux:9.0:*:*:*:*:*:*:*

    • Configuration 3:
  • cpe:/o:fedoraproject:fedora:33:*:*:*:*:*:*:*
  • OR cpe:/o:fedoraproject:fedora:34:*:*:*:*:*:*:*

    • Configuration 4:
  • cpe:/a:oracle:graalvm:20.3.2:*:*:*:enterprise:*:*:*
  • OR cpe:/a:oracle:graalvm:21.1.0:*:*:*:enterprise:*:*:*

    • * Denotes that component is vulnerable
    BACK
    musl-libc musl *
    debian debian linux 9.0
    fedoraproject fedora 33
    fedoraproject fedora 34
    oracle graalvm 20.3.2
    oracle graalvm 21.1.0