Vulnerability CVE-2020-36148

Vulnerability Name:

CVE-2020-36148 (CCN-196844)

Assigned:

2020-08-26

Published:

2020-08-26

Updated:

2021-03-09

Summary:

Incorrect handling of input data in verifyAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions (e.g. in embedded environments).

CVSS v3 Severity:

6.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
5.9 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

5.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
5.0 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

4.6 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:N/I:N/A:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Complete

Vulnerability Type:

CWE-476

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2020-36148

Source: XF
Type: UNKNOWN
libmysofa-cve202036148-dos(196844)

Source: CCN
Type: libmysofa GIT Repository
NULL pointer dereference in verifyAttribute #138

Source: MISC
Type: Exploit, Third Party Advisory
https://github.com/hoene/libmysofa/issues/138

Source: FEDORA
Type: Mailing List, Patch, Third Party Advisory
FEDORA-2021-4e40ccb5e6

Vulnerable Configuration:

Configuration 1:

cpe:/a:symonics:libmysofa:*:*:*:*:*:*:*:* (Version >= 0.5 and <= 1.1)

Configuration 2:

cpe:/o:fedoraproject:fedora:32:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:symonics:libmysofa:0.6:*:*:*:*:*:*:*

OR cpe:/a:symonics:libmysofa:0.9.1:*:*:*:*:*:*:*

OR cpe:/a:symonics:libmysofa:0.5:*:*:*:*:*:*:*

OR cpe:/a:symonics:libmysofa:0.7:*:*:*:*:*:*:*

OR cpe:/a:symonics:libmysofa:0.8:*:*:*:*:*:*:*

OR cpe:/a:symonics:libmysofa:0.9:*:*:*:*:*:*:*

OR cpe:/a:symonics:libmysofa:1.0:*:*:*:*:*:*:*

OR cpe:/a:symonics:libmysofa:1.1:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:112712	P	libmysofa-devel-1.2-1.3 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:106186	P	libmysofa-devel-1.2-1.3 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:11189	P	Security update for libmysofa (Moderate)	2021-03-22
oval:org.opensuse.security:def:96458	P	Security update for libmysofa (Moderate)	2021-03-22
oval:org.opensuse.security:def:103148	P	Security update for libmysofa (Moderate)	2021-03-22
oval:org.opensuse.security:def:109805	P	Security update for libmysofa (Moderate)	2021-03-22
oval:org.opensuse.security:def:111279	P	Security update for libmysofa (Moderate)	2021-03-18

BACK