CVE-2019-11360 — Out-of-bounds Write in Iptables

CWE-787 — Out-of-bounds Write CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120 — Classic Buffer Overflow6 documents6 sources

Severity

4.2MEDIUMNVD

EPSS

1.4%

top 19.31%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Netfilter Iptables

Timeline

PublishedJul 12

Latest updateMay 24

Description

A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an attacker to (at least) crash the program or potentially gain code execution via a specially crafted iptables-save file. This is related to add_param_to_argv in xshared.c.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:HExploitability: 0.6 | Impact: 3.6

Affected Packages2 packages

▶Debiannetfilter/iptables< 1.8.3-2+3

▶NVDnetfilter/iptables1.8.2

Patches

Patch: 0day.work ↗Patch: git.netfilter.org ↗Patch: 0day.work ↗

🔴Vulnerability Details

GHSA

GHSA-g644-fvpx-hqm9: A buffer overflow in iptables-restore in netfilter iptables 1↗2022-05-24

▶

CVEList

CVE-2019-11360: A buffer overflow in iptables-restore in netfilter iptables 1↗2019-07-12

▶

OSV

CVE-2019-11360: A buffer overflow in iptables-restore in netfilter iptables 1↗2019-07-12

▶

📋Vendor Advisories

Red Hat

iptables: buffer overflow in iptables-restore↗2019-07-12

▶

Debian

CVE-2019-11360: iptables - A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allows an atta...↗2019

▶