Date: Thu, 19 Jan 2012 16:31:41 -0700
From: Kurt Seifried
Subject: Re: CVE request: usbmuxd 1.0.7 "receive_packet()"
 Buffer Overflow Vulnerability

On 01/19/2012 04:29 PM, Kurt Seifried wrote:
> rigan has reported a vulnerability in usbmuxd, which potentially can be
> exploited by malicious people with physical access to compromise a
> vulnerable system.
> The vulnerability is caused due to a boundary error within the
> "receive_packet()" function (libusbmuxd/libusbmuxd.c) when processing a
> property list containing an overly long "SerialNumber" field, which can
> be exploited to cause a heap-based buffer overflow.
> Successful exploitation may allow the execution of arbitrary code, but
> requires that the attacker is able to connect a malicious USB device.
> source code commit:
What a well formed CVE request ;)

Please use CVE-2012-0065 for this issue.


-- Kurt Seifried / Red Hat Security Response Team
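
The bug class described in the quoted report, as an added example that is not part of the original message and is not usbmuxd's code: a device-supplied string copied into a fixed-size field of a heap-allocated record, first unchecked and then with a length check. The struct, the function names and the 256-byte field size are assumptions for illustration.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#define SERIAL_MAX 256 /* assumed field size, including the terminating NUL */

/* Hypothetical heap-allocated device record (not usbmuxd's real struct). */
struct device_record {
    uint32_t device_id;
    char     serial_number[SERIAL_MAX];
    uint32_t location; /* neighbouring data an overflow would reach first */
};

/* Before: trusts the device-supplied string to fit; a longer one overflows. */
void set_serial_unchecked(struct device_record *rec, const char *serial)
{
    strcpy(rec->serial_number, serial);
}

/* After: length checked before copying. Returns 0 on success, -1 if rejected. */
int set_serial_checked(struct device_record *rec, const char *serial, size_t len)
{
    if (rec == NULL || serial == NULL) return -1;
    if (len == 0 || len >= sizeof(rec->serial_number)) return -1;
    if (memchr(serial, '\0', len) != NULL) return -1; /* length mismatch */
    memcpy(rec->serial_number, serial, len);
    rec->serial_number[len] = '\0';
    return 0;
}

/* Constructed input: a serial of `len` 'A' bytes through the checked setter.
 * Returns the setter's result, or -2 if the record ended up inconsistent. */
int try_serial_of_length(size_t len)
{
    struct device_record *rec = calloc(1, sizeof(*rec));
    char *serial = calloc(len + 1, 1);
    int rc = -2;
    if (rec != NULL && serial != NULL) {
        memset(serial, 'A', len);
        rec->location = 0x1234;
        rc = set_serial_checked(rec, serial, len);
        if (rec->location != 0x1234 || (rc == 0 && strlen(rec->serial_number) != len))
            rc = -2;
    }
    free(serial);
    free(rec);
    return rc;
}
int main(void) { return try_serial_of_length(300) == -1 ? 0 : 1; }
```

Rejecting the value outright, rather than silently truncating it, keeps a malformed serial from being treated as a valid device identity further up the stack.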
