SB2017080954 - Integer overflow in libmtp (Alpine package)
Published: August 9, 2017
Security Bulletin ID
SB2017080954
Severity
Medium
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Physical access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Integer overflow (CVE-ID: CVE-2017-9831)
The vulnerability allows a local non-authenticated attacker to execute arbitrary code.
An integer overflow vulnerability in the ptp_unpack_EOS_CustomFuncEx function of the ptp-pack.c file of libmtp (version 1.1.12 and below) allows attackers to cause a denial of service (out-of-bounds memory access) or maybe remote code execution by inserting a mobile device into a personal computer through a USB cable.
Remediation
Install update from vendor's website.
References
- https://git.alpinelinux.org/aports/commit/?id=c54b435a73c6d6000080895918997ad6541e4425
- https://git.alpinelinux.org/aports/commit/?id=03bc091f0abf0c6ab23af90e7a648b81cf9a6b5e
- https://git.alpinelinux.org/aports/commit/?id=0ab6e365fa72b2f59576a69b8a8be16f1bd2fe87
- https://git.alpinelinux.org/aports/commit/?id=330f754f59d7cc8bdd3c7e4ecf31978eaa613129