CVE-2018-6758
published 2018-02-06CVE-2018-6758: The uwsgi_expand_path function in core/utils.c in Unbit uWSGI through 2.0.15 has a stack-based buffer overflow via a large directory length.
PriorityP349critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EPSS
2.09%
79.2th percentile
The uwsgi_expand_path function in core/utils.c in Unbit uWSGI through 2.0.15 has a stack-based buffer overflow via a large directory length.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | uwsgi | < uwsgi 2.0.15-10.2 (bookworm) | uwsgi 2.0.15-10.2 (bookworm) |
| unbit | uwsgi | <= 2.0.15 | — |
| unbit | uwsgi | >= 0 < 2.0.15-10.2 | 2.0.15-10.2 |
| unbit | uwsgi | >= 0 < 2.0.15-10.2 | 2.0.15-10.2 |
| unbit | uwsgi | >= 0 < 2.0.15-10.2 | 2.0.15-10.2 |
| unbit | uwsgi | >= 0 < 2.0.15-10.2 | 2.0.15-10.2 |
CVSS provenance
nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv9.8CRITICAL
vendor_debian9.8CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-gp37-5368-2566: The uwsgi_expand_path function in core/utils
ghsa_unreviewed·2022-05-13
CVE-2018-6758 [CRITICAL] CWE-787 GHSA-gp37-5368-2566: The uwsgi_expand_path function in core/utils
The uwsgi_expand_path function in core/utils.c in Unbit uWSGI through 2.0.15 has a stack-based buffer overflow via a large directory length.
OSV
CVE-2018-6758: The uwsgi_expand_path function in core/utils
osv·2018-02-06·CVSS 9.8
CVE-2018-6758 [CRITICAL] CVE-2018-6758: The uwsgi_expand_path function in core/utils
The uwsgi_expand_path function in core/utils.c in Unbit uWSGI through 2.0.15 has a stack-based buffer overflow via a large directory length.
Debian
CVE-2018-6758: uwsgi - The uwsgi_expand_path function in core/utils.c in Unbit uWSGI through 2.0.15 has...
vendor_debian·2018·CVSS 9.8
CVE-2018-6758 [CRITICAL] CVE-2018-6758: uwsgi - The uwsgi_expand_path function in core/utils.c in Unbit uWSGI through 2.0.15 has...
The uwsgi_expand_path function in core/utils.c in Unbit uWSGI through 2.0.15 has a stack-based buffer overflow via a large directory length.
Scope: local
bookworm: resolved (fixed in 2.0.15-10.2)
bullseye: resolved (fixed in 2.0.15-10.2)
forky: resolved (fixed in 2.0.15-10.2)
sid: resolved (fixed in 2.0.15-10.2)
trixie: resolved (fixed in 2.0.15-10.2)
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2018-6758 uwsgi: Stack-based buffer overflow in core/utils.c:uwsgi_expand_path() can lead to crash and potential code execution
bugzilla·2018-02-07·CVSS 9.8
CVE-2018-6758 [CRITICAL] CVE-2018-6758 uwsgi: Stack-based buffer overflow in core/utils.c:uwsgi_expand_path() can lead to crash and potential code execution
CVE-2018-6758 uwsgi: Stack-based buffer overflow in core/utils.c:uwsgi_expand_path() can lead to crash and potential code execution
The uwsgi_expand_path() function in core/utils.c in Unbit uWSGI through 2.0.15 has a stack-based buffer overflow via a large directory length. A remote attacker could exploit this to cause a crash or potential arbitrary code execution.
External References:
http://lists.unbit.it/pipermail/uwsgi/2018-February/008835.html
Upstream Fix:
https://github.com/unbit/uwsgi/commit/cb4636f7c0af2e97a4eef7a3cdcbd85a71247bfe
Discussion:
Created uwsgi tracking bugs for this issue:
Affects: epel-all [bug 1542819]
Affects: fedora-all [bug 1542818]
Bugzilla
CVE-2018-6758 uwsgi: Stack-based buffer overflow in core/utils.c:uwsgi_expand_path() can lead to crash and potential code execution [fedora-all]
bugzilla·2018-02-07·CVSS 9.8
CVE-2018-6758 [CRITICAL] CVE-2018-6758 uwsgi: Stack-based buffer overflow in core/utils.c:uwsgi_expand_path() can lead to crash and potential code execution [fedora-all]
CVE-2018-6758 uwsgi: Stack-based buffer overflow in core/utils.c:uwsgi_expand_path() can lead to crash and potential code execution [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg co
Bugzilla
CVE-2018-6758 uwsgi: Stack-based buffer overflow in core/utils.c:uwsgi_expand_path() can lead to crash and potential code execution [epel-all]
bugzilla·2018-02-07·CVSS 9.8
CVE-2018-6758 [CRITICAL] CVE-2018-6758 uwsgi: Stack-based buffer overflow in core/utils.c:uwsgi_expand_path() can lead to crash and potential code execution [epel-all]
CVE-2018-6758 uwsgi: Stack-based buffer overflow in core/utils.c:uwsgi_expand_path() can lead to crash and potential code execution [epel-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of epel-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit
http://lists.unbit.it/pipermail/uwsgi/2018-February/008835.htmlhttps://github.com/unbit/uwsgi/commit/cb4636f7c0af2e97a4eef7a3cdcbd85a71247bfehttps://lists.debian.org/debian-lts-announce/2018/02/msg00010.htmlhttp://lists.unbit.it/pipermail/uwsgi/2018-February/008835.htmlhttps://github.com/unbit/uwsgi/commit/cb4636f7c0af2e97a4eef7a3cdcbd85a71247bfehttps://lists.debian.org/debian-lts-announce/2018/02/msg00010.html
2018-02-06
Published