CVE-2017-1000373
published 2017-06-19CVE-2017-1000373: The OpenBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to…
PriorityP351medium6.5CVSS 3.0
AVNACLPRNUINSUCNILAL
EXPLOIT
EPSS
13.38%
95.9th percentile
The OpenBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This allows attackers to consume arbitrary amounts of stack memory and manipulate stack memory to assist in arbitrary code execution attacks. This affects OpenBSD 6.1 and possibly earlier versions.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios | — | — |
| apple | macos_high_sierra | — | — |
| apple | tvos | — | — |
| apple | watchos_4 | — | — |
| openbsd | openbsd | <= 6.1 | — |
CVSS provenance
nvdv3.06.5MEDIUMCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
nvdv2.06.4MEDIUMAV:N/AC:L/Au:N/C:N/I:P/A:P
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-wcg9-65qx-c5vj: The OpenBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort()
ghsa_unreviewed·2022-05-17
CVE-2017-1000373 [MEDIUM] CWE-400 GHSA-wcg9-65qx-c5vj: The OpenBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort()
The OpenBSD qsort() function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort() to deterministically recurse N/4 times. This allows attackers to consume arbitrary amounts of stack memory and manipulate stack memory to assist in arbitrary code execution attacks. This affects OpenBSD 6.1 and possibly earlier versions.
Apple
CVE-2017-1000373: macOS High Sierra 10.13
vendor_apple·2017-09-25·CVSS 6.5
CVE-2017-1000373 [MEDIUM] CVE-2017-1000373: macOS High Sierra 10.13
Apple Security Update: About the security content of macOS High Sierra 10.13
Product: macOS High Sierra
Version: 10.13
CVE: CVE-2017-1000373
Component: CVE-2017-1000373
Impact: Multiple issues in expat
Description: Multiple issues were addressed by updating to version 2.2.1
Apple
CVE-2017-1000373: iOS 11
vendor_apple·2017-09-19·CVSS 6.5
CVE-2017-1000373 [MEDIUM] CVE-2017-1000373: iOS 11
Apple Security Update: About the security content of iOS 11
Product: iOS
Version: 11
CVE: CVE-2017-1000373
Component: CVE-2017-1000373
Impact: Multiple issues in expat
Description: Multiple issues were addressed by updating to version 2.2.1
Apple
CVE-2017-1000373: tvOS 11
vendor_apple·2017-09-19·CVSS 6.5
CVE-2017-1000373 [MEDIUM] CVE-2017-1000373: tvOS 11
Apple Security Update: About the security content of tvOS 11
Product: tvOS
Version: 11
CVE: CVE-2017-1000373
Component: CVE-2017-1000373
Impact: Multiple issues in expat
Description: Multiple issues were addressed by updating to version 2.2.1
Apple
CVE-2017-1000373: watchOS 4
vendor_apple·2017-09-19·CVSS 6.5
CVE-2017-1000373 [MEDIUM] CVE-2017-1000373: watchOS 4
Apple Security Update: About the security content of watchOS 4
Product: watchOS 4
CVE: CVE-2017-1000373
Component: CVE-2017-1000373
Impact: Multiple issues in expat
Description: Multiple issues were addressed by updating to version 2.2.1
No detection rules found.
No writeups or analysis indexed.
http://www.securityfocus.com/bid/99177http://www.securitytracker.com/id/1039427https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib/libc/stdlib/qsort.c?rev=1.15&content-type=text/x-cvsweb-markuphttps://support.apple.com/HT208112https://support.apple.com/HT208113https://support.apple.com/HT208115https://support.apple.com/HT208144https://www.exploit-db.com/exploits/42271/https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txthttp://www.securityfocus.com/bid/99177http://www.securitytracker.com/id/1039427https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib/libc/stdlib/qsort.c?rev=1.15&content-type=text/x-cvsweb-markuphttps://support.apple.com/HT208112https://support.apple.com/HT208113https://support.apple.com/HT208115https://support.apple.com/HT208144https://www.exploit-db.com/exploits/42271/https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
2017-06-19
Published