CVE-2012-0815 — Numeric Range Comparison Without Minimum Check in RPM

CWE-189 CWE-839 — Numeric Range Comparison Without Minimum Check CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer8 documents7 sources

Severity

6.8MEDIUMNVD

EPSS

7.0%

top 8.52%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

RPM Debian RPM

Timeline

PublishedJun 4

Latest updateMay 14

Description

The headerVerifyInfo function in lib/header.c in RPM before 4.9.1.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a negative value in a region offset of a package header, which is not properly handled in a numeric range comparison.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages3 packages

▶debiandebian/rpm< rpm 4.9.1.3-1 (bookworm)

▶Debianrpm/rpm< 4.9.1.3-1+3

▶NVDrpm/rpm4.9.1.2+97

Patches

Patch: rpm.org ↗Patch: rpm.org ↗

🔴Vulnerability Details

GHSA

GHSA-6grx-55mc-2wmq: The headerVerifyInfo function in lib/header↗2022-05-14

▶

OSV

CVE-2012-0815: The headerVerifyInfo function in lib/header↗2012-06-04

▶

📋Vendor Advisories

Ubuntu

RPM vulnerabilities↗2013-01-17

▶

Red Hat

rpm: incorrect handling of negated offsets in headerVerifyInfo()↗2012-04-03

▶

Debian

CVE-2012-0815: rpm - The headerVerifyInfo function in lib/header.c in RPM before 4.9.1.3 allows remot...↗2012

▶

💬Community

Bugzilla

CVE-2012-0815 CVE-2012-0060 CVE-2012-0061 rpm various flaws [fedora-all]↗2012-04-03

▶

Bugzilla

CVE-2012-0815 rpm: incorrect handling of negated offsets in headerVerifyInfo()↗2011-10-07

▶