CVE-2019-11360 - Vulnerability Details - OpenCVE

A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Netfilter	Iptables

Configuration 1 [-]

cpe:2.3:a:netfilter:iptables:1.8.2:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/
https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e
https://nvd.nist.gov/vuln/detail/CVE-2019-11360
https://www.cve.org/CVERecord?id=CVE-2019-11360

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2019-07-12T13:54:45

Updated: 2024-08-04T22:48:09.216Z

Reserved: 2019-04-19T00:00:00

Link: CVE-2019-11360

Vulnrichment

No data.

NVD

Status : Modified

Published: 2019-07-12T14:15:11.733

Modified: 2024-11-21T04:20:56.877

Link: CVE-2019-11360

Redhat

Severity : Low

Publid Date: 2019-07-12T00:00:00Z

Links: CVE-2019-11360 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2019-04-30T00:00:00", "descriptions": [{"lang": "en", "value": "A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-07-12T13:54:45", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-11360", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/", "refsource": "MISC", "url": "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/"}, {"name": "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e", "refsource": "CONFIRM", "url": "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T22:48:09.216Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-11360", "datePublished": "2019-07-12T13:54:45", "dateReserved": "2019-04-19T00:00:00", "dateUpdated": "2024-08-04T22:48:09.216Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:netfilter:iptables:1.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "B7416056-2A93-40E8-BB7A-5CA0A0596ADC", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c."}, {"lang": "es", "value": "Un desbordamiento de b\u00fafer en iptables-restore en iptables versi\u00f3n 1.8.2 de netfilter, permite a un atacante (al menos) bloquear el programa o conseguir potencialmente la ejecuci\u00f3n de c\u00f3digo por medio de un archivo iptables-save especialmente dise\u00f1ado. Esto est\u00e1 relacionado con la funci\u00f3n add_param_to_argv en el archivo xshared.c."}], "id": "CVE-2019-11360", "lastModified": "2024-11-21T04:20:56.877", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 0.6, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-07-12T14:15:11.733", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Patch", "Third Party Advisory"], "url": "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory", "URL Repurposed"], "url": "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch", "Third Party Advisory"], "url": "https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory", "URL Repurposed"], "url": "https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "iptables: buffer overflow in iptables-restore", "id": "1927909", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1927909"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.2", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-120", "details": ["A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c.", "A buffer overflow flaw was found in iptables-restore. This flaw allows a local attacker with sufficiently high privileges, such as root, to provide a specially crafted file, causing a program crash or potential code execution. The highest threat from this vulnerability is to system availability."], "name": "CVE-2019-11360", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Out of support scope", "package_name": "iptables", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "iptables", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "iptables", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "iptables", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "iptables", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "iptables", "product_name": "Red Hat OpenShift Container Platform 4"}], "public_date": "2019-07-12T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2019-11360\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-11360\nhttps://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/"], "statement": "This flaw has been rated as having a security impact of Low because it requires unlikely circumstances to be able to be exploited. Red Hat Enterprise Linux 8 is not affected by this flaw, as the shipped versions of `iptables` already include the patch. Although Red Hat Enterprise Linux 6 and 7 are affected, successful exploitation is prevented by Stack Smashing Protection (SSP), reducing the impact to a denial of service.\nNote that this flaw is not currently planned to be addressed in future updates of Red Hat Enterprise Linux 6 and 7. Red Hat Enterprise Linux 6 is in the Extended Life Phase of the support and maintenance life cycle; Red Hat Enterprise Linux 7 is now in Maintenance Support 2 Phase. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.", "threat_severity": "Low"}