Arch Linux: ASA-202310-1 Medium: Libusbmuxd Security Flaw

Arch Linux Security Advisory ASA-201706-5
========================================
Severity: Medium
Date    : 2017-06-05
CVE-ID  : CVE-2016-5104
Package : libusbmuxd
Type    : access restriction bypass
Remote  : Yes
Link    : https://security.archlinux.org/AVG-7

Summary
======
The package libusbmuxd before version 1.0.10-2 is vulnerable to access
restriction bypass.

Resolution
=========
Upgrade to 1.0.10-2.

# pacman -Syu "libusbmuxd>=1.0.10-2"

The problem has been fixed upstream but no release is available yet.

Workaround
=========
None.

Description
==========
The socket_create function in common/socket.c in libimobiledevice and
libusbmuxd allows remote attackers on the local network to bypass
intended access restrictions and communicate with services on affected
devices by connecting to an IPv4 TCP socket.

Impact
=====
A remote attacker is able to interact with a USB-connected device by
connecting to a IPv4 TCP socket.

References
=========
https://gitlab.archlinux.org/explore/groups
https://github.com/libimobiledevice/libusbmuxd/commit/4397b3376dc4e4cb1c991d0aed61ce6482614196
http://www.openwall.com/lists/oss-security/2016/05/26/6
https://security.archlinux.org/CVE-2016-5104