CVE-2017-1000494

Publication date 3 January 2018

Last updated 24 July 2024

Ubuntu priority

Cvss 3 Severity Score

Uninitialized stack variable vulnerability in NameValueParserEndElt (upnpreplyparse.c) in miniupnpd < 2.0 allows an attacker to cause Denial of Service (Segmentation fault and Memory Corruption) or possibly have unspecified other impact

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
miniupnpc	19.04 disco	Fixed 1.9.20140610-4ubuntu2
	18.10 cosmic	Fixed 1.9.20140610-4ubuntu2
	18.04 LTS bionic	Fixed 1.9.20140610-4ubuntu2
	17.10 artful	Fixed 1.9.20140610-4ubuntu1.1
	17.04 zesty	Ignored end of life
	16.04 LTS xenial	Fixed 1.9.20140610-2ubuntu2.16.04.2
	14.04 LTS trusty	Fixed 1.6-3ubuntu2.14.04.4
miniupnpd	19.04 disco	Not affected
	18.10 cosmic	Not affected
	18.04 LTS bionic	Not affected
	17.10 artful	Ignored end of life
	17.04 zesty	Ignored end of life
	16.04 LTS xenial	Fixed 1.8.20140523-4.1+deb9u1build0.16.04.1
	14.04 LTS trusty	Not in release

Notes

mdeslaur

bug mentions second issue, which is fixed by https://github.com/miniupnp/miniupnp/commit/a0573e251817ec090a8c9f9f41b56d720c835a6c doesn't seem to be a CVE number for the second issue Another issue in https://github.com/miniupnp/miniupnp/issues/267 fixed by https://github.com/miniupnp/miniupnp/commit/9fcc0a72f09e6e1aa46ddcc997d3dcae87d4b416 (miniupnpd only) no cve number either

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
miniupnpc	Upstream: 7aeb624
miniupnpd	Upstream: 7aeb624

Severity score breakdown

Parameter	Value
Base score	7.8 · High
Attack vector	Local
Attack complexity	Low
Privileges required	Low
User interaction	None
Scope	Unchanged
Confidentiality	High
Integrity impact	High
Availability impact	High
Vector	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H