Vulnerability CVE-2020-36149

Vulnerability Name:

CVE-2020-36149 (CCN-196843)

Assigned:

2020-08-26

Published:

2020-08-26

Updated:

2021-03-10

Summary:

Incorrect handling of input data in changeAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions (e.g. in embedded environments).

CVSS v3 Severity:

6.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
5.9 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

5.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
5.0 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

4.6 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:N/I:N/A:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Complete

Vulnerability Type:

CWE-476

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2020-36149

Source: XF
Type: UNKNOWN
libmysofa-cve202036149-dos(196843)

Source: CCN
Type: libmysofa GIT Repository
NULL pointer dereference in changeAttribute #137

Source: MISC
Type: Exploit, Third Party Advisory
https://github.com/hoene/libmysofa/issues/137

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-4e40ccb5e6

Vulnerable Configuration:

Configuration 1:

cpe:/a:symonics:libmysofa:*:*:*:*:*:*:*:* (Version >= 0.5 and <= 1.1)

Configuration 2:

cpe:/o:fedoraproject:fedora:32:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:symonics:libmysofa:0.6:*:*:*:*:*:*:*

OR cpe:/a:symonics:libmysofa:0.9.1:*:*:*:*:*:*:*

OR cpe:/a:symonics:libmysofa:0.5:*:*:*:*:*:*:*

OR cpe:/a:symonics:libmysofa:0.7:*:*:*:*:*:*:*

OR cpe:/a:symonics:libmysofa:0.8:*:*:*:*:*:*:*

OR cpe:/a:symonics:libmysofa:0.9:*:*:*:*:*:*:*

OR cpe:/a:symonics:libmysofa:1.0:*:*:*:*:*:*:*

OR cpe:/a:symonics:libmysofa:1.1:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:112712	P	libmysofa-devel-1.2-1.3 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:106186	P	libmysofa-devel-1.2-1.3 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:11189	P	Security update for libmysofa (Moderate)	2021-03-22
oval:org.opensuse.security:def:96458	P	Security update for libmysofa (Moderate)	2021-03-22
oval:org.opensuse.security:def:103148	P	Security update for libmysofa (Moderate)	2021-03-22
oval:org.opensuse.security:def:109805	P	Security update for libmysofa (Moderate)	2021-03-22
oval:org.opensuse.security:def:111279	P	Security update for libmysofa (Moderate)	2021-03-18

BACK