Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2019-18609

Опубликовано: 01 дек. 2019
Источник: redhat
CVSS3: 8.6
EPSS Низкий

Описание

An issue was discovered in amqp_handle_input in amqp_connection.c in rabbitmq-c 0.9.0. There is an integer overflow that leads to heap memory corruption in the handling of CONNECTION_STATE_HEADER. A rogue server could return a malicious frame header that leads to a smaller target_size value than needed. This condition is then carried on to a memcpy function that copies too much data into a heap buffer.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat OpenStack Platform 10 (Newton) Operational ToolslibrabbitmqOut of support scope
Red Hat Enterprise Linux 7librabbitmqFixedRHSA-2020:394929.09.2020
Red Hat Enterprise Linux 8librabbitmqFixedRHSA-2020:444504.11.2020

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-190->CWE-122
https://bugzilla.redhat.com/show_bug.cgi?id=1786646librabbitmq: integer overflow in amqp_handle_input in amqp_connection.c leads to heap-based buffer overflow

EPSS

Процентиль: 86%
0.02763
Низкий

8.6 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2019-18609

CVSS3: 9.8
ubuntu
около 6 лет назад

An issue was discovered in amqp_handle_input in amqp_connection.c in rabbitmq-c 0.9.0. There is an integer overflow that leads to heap memory corruption in the handling of CONNECTION_STATE_HEADER. A rogue server could return a malicious frame header that leads to a smaller target_size value than needed. This condition is then carried on to a memcpy function that copies too much data into a heap buffer.

nvd логотип

CVE-2019-18609

CVSS3: 9.8
nvd
около 6 лет назад

An issue was discovered in amqp_handle_input in amqp_connection.c in rabbitmq-c 0.9.0. There is an integer overflow that leads to heap memory corruption in the handling of CONNECTION_STATE_HEADER. A rogue server could return a malicious frame header that leads to a smaller target_size value than needed. This condition is then carried on to a memcpy function that copies too much data into a heap buffer.

debian логотип

CVE-2019-18609

CVSS3: 9.8
debian
около 6 лет назад

An issue was discovered in amqp_handle_input in amqp_connection.c in r ...

github логотип

GHSA-356h-gg7j-mwv3

github
больше 3 лет назад

An issue was discovered in amqp_handle_input in amqp_connection.c in rabbitmq-c 0.9.0. There is an integer overflow that leads to heap memory corruption in the handling of CONNECTION_STATE_HEADER. A rogue server could return a malicious frame header that leads to a smaller target_size value than needed. This condition is then carried on to a memcpy function that copies too much data into a heap buffer.

oracle-oval логотип

ELSA-2020-4445

oracle-oval
около 5 лет назад

ELSA-2020-4445: librabbitmq security update (MODERATE)

EPSS

Процентиль: 86%
0.02763
Низкий

8.6 High

CVSS3