Vulnerability Description
chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character (such as the "/\0" name).
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Kyzer | Libmspack | 0.3 |
| Debian | Debian Linux | 8.0 |
| Redhat | Enterprise Linux Desktop | 7.0 |
| Redhat | Enterprise Linux Server | 7.0 |
| Redhat | Enterprise Linux Workstation | 7.0 |
| Canonical | Ubuntu Linux | 12.04 |
| Suse | Linux Enterprise Server | 11 |
| Starwindsoftware | Starwind Virtual San | - |
Related Weaknesses (CWE)
References
- https://access.redhat.com/errata/RHSA-2019:2049Third Party Advisory
- https://bugs.debian.org/911637Issue TrackingMailing ListThird Party Advisory
- https://github.com/kyz/libmspack/commit/8759da8db6ec9e866cb8eb143313f397f925bb4fExploitThird Party Advisory
- https://lists.debian.org/debian-lts-announce/2018/10/msg00017.htmlMailing ListThird Party Advisory
- https://security.gentoo.org/glsa/201903-20Third Party Advisory
- https://usn.ubuntu.com/3814-1/Third Party Advisory
- https://usn.ubuntu.com/3814-2/Third Party Advisory
- https://usn.ubuntu.com/3814-3/Third Party Advisory
- https://www.openwall.com/lists/oss-security/2018/10/22/1Mailing ListPatchThird Party Advisory
- https://www.starwindsoftware.com/security/sw-20181213-0002/Third Party Advisory
- https://access.redhat.com/errata/RHSA-2019:2049Third Party Advisory
- https://bugs.debian.org/911637Issue TrackingMailing ListThird Party Advisory
- https://github.com/kyz/libmspack/commit/8759da8db6ec9e866cb8eb143313f397f925bb4fExploitThird Party Advisory
- https://lists.debian.org/debian-lts-announce/2018/10/msg00017.htmlMailing ListThird Party Advisory
- https://security.gentoo.org/glsa/201903-20Third Party Advisory
FAQ
What is CVE-2018-18585?
CVE-2018-18585 is a vulnerability with a CVSS score of 4.3 (MEDIUM). chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character (such as the "/\0" name).
How severe is CVE-2018-18585?
CVE-2018-18585 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-18585?
Check the references section above for vendor advisories and patch information. Affected products include: Kyzer Libmspack, Debian Debian Linux, Redhat Enterprise Linux Desktop, Redhat Enterprise Linux Server, Redhat Enterprise Linux Workstation.