CVE-2017-10929 - Vulnerability Details - OpenCVE

The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, possibly related to a read overflow in the grub_disk_read_small_real function in kern/disk.c in GNU GRUB 2.02.

No CVSS v4.0

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Radare	Radare2

Configuration 1 [-]

cpe:2.3:a:radare:radare2:1.5.0:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.securityfocus.com/bid/99608
https://github.com/radare/radare2/commit/c57997e76ec70862174a1b3b3aeb62a6f8570e85
https://github.com/radare/radare2/issues/7855

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2017-07-05T12:00:00

Updated: 2024-08-05T17:50:12.795Z

Reserved: 2017-07-05T00:00:00

Link: CVE-2017-10929

Vulnrichment

No data.

NVD

Status : Modified

Published: 2017-07-05T12:29:00.180

Modified: 2024-11-21T03:06:46.487

Link: CVE-2017-10929

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2017-07-05T00:00:00", "descriptions": [{"lang": "en", "value": "The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, possibly related to a read overflow in the grub_disk_read_small_real function in kern/disk.c in GNU GRUB 2.02."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-18T09:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "99608", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/99608"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/radare/radare2/commit/c57997e76ec70862174a1b3b3aeb62a6f8570e85"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/radare/radare2/issues/7855"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-10929", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, possibly related to a read overflow in the grub_disk_read_small_real function in kern/disk.c in GNU GRUB 2.02."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "99608", "refsource": "BID", "url": "http://www.securityfocus.com/bid/99608"}, {"name": "https://github.com/radare/radare2/commit/c57997e76ec70862174a1b3b3aeb62a6f8570e85", "refsource": "CONFIRM", "url": "https://github.com/radare/radare2/commit/c57997e76ec70862174a1b3b3aeb62a6f8570e85"}, {"name": "https://github.com/radare/radare2/issues/7855", "refsource": "CONFIRM", "url": "https://github.com/radare/radare2/issues/7855"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T17:50:12.795Z"}, "title": "CVE Program Container", "references": [{"name": "99608", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/99608"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/radare/radare2/commit/c57997e76ec70862174a1b3b3aeb62a6f8570e85"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/radare/radare2/issues/7855"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-10929", "datePublished": "2017-07-05T12:00:00", "dateReserved": "2017-07-05T00:00:00", "dateUpdated": "2024-08-05T17:50:12.795Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:radare:radare2:1.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "1F6336FC-AB50-4F45-B01E-2BC3BA758117", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, possibly related to a read overflow in the grub_disk_read_small_real function in kern/disk.c in GNU GRUB 2.02."}, {"lang": "es", "value": "La funci\u00f3n grub_memmove en el archivo shlr/grub/kern/misc.c en radare2 versi\u00f3n 1.5.0, permite a atacantes remotos causar una denegaci\u00f3n de servicio (desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria y bloqueo de aplicaci\u00f3n) o posiblemente tener otro impacto no especificado por medio de un archivo binario creado, posiblemente relacionado con un desbordamiento de lectura en la funci\u00f3n grub_disk_read_small_real en el archivo kern/disk.c en GNU GRUB versi\u00f3n 2.02."}], "id": "CVE-2017-10929", "lastModified": "2024-11-21T03:06:46.487", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-07-05T12:29:00.180", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/99608"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/radare/radare2/commit/c57997e76ec70862174a1b3b3aeb62a6f8570e85"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://github.com/radare/radare2/issues/7855"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/99608"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/radare/radare2/commit/c57997e76ec70862174a1b3b3aeb62a6f8570e85"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://github.com/radare/radare2/issues/7855"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}