CVE-2019-15540 : filters/filter-cso/filter-stream.c in the CSO filter in libMirage 3.2.2 in CDemu

filters/filter-cso/filter-stream.c in the CSO filter in libMirage 3.2.2 in CDemu does not validate the part size, triggering a heap-based buffer overflow that can lead to root access by a local Linux user.

Published 2019-08-25 17:15:10

Updated 2020-08-24 17:37:01

Source MITRE

View at NVD, CVE.org

Vulnerability category: OverflowMemory Corruption

Products affected by CVE-2019-15540

Cdemu » Libmirage » Version: 3.2.2
cpe:2.3:a:cdemu:libmirage:3.2.2:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2019-15540

EPSS FAQ

0.10%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 25 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2019-15540

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.2	HIGH	AV:L/AC:L/Au:N/C:C/I:C/A:C	3.9	10.0	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
7.8	HIGH	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	1.8	5.9	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2019-15540

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2019-15540

https://sourceforge.net/p/cdemu/bugs/119/

CDemu - a virtual CD/DVD drive for Linux / Bug reports / #119 Critical vulnerability in the CSO filter
Exploit;Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00089.html

[security-announce] openSUSE-SU-2019:2040-1: moderate: Security update f
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00086.html

[security-announce] openSUSE-SU-2019:2033-1: moderate: Security update f
https://gist.github.com/andreafioraldi/baa79cd78131888d98d6ba680d5f514e

CDemu libmirage buffer overflow detailed issue · GitHub
Exploit;Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00017.html

[security-announce] openSUSE-SU-2019:2077-1: moderate: Security update f
https://sourceforge.net/p/cdemu/code/ci/0e9292c9aa34bf545f43f7efe5f0b94faba94962/

CDemu - a virtual CD/DVD drive for Linux / GIT / Commit [0e9292]
Patch;Third Party Advisory

Jump to

Vulnerability Details : CVE-2019-15540

Products affected by CVE-2019-15540

Exploit prediction scoring system (EPSS) score for CVE-2019-15540

CVSS scores for CVE-2019-15540

CWE ids for CVE-2019-15540

References for CVE-2019-15540