Discover Government News

Arch Linux Security Advisory ASA-202011-20
=========================================
Severity: Medium
Date    : 2020-11-19
CVE-ID  : CVE-2017-18926 CVE-2020-25713
Package : raptor
Type    : arbitrary code execution
Remote  : No
Link    : https://security.archlinux.org/AVG-1283

Summary
======
The package raptor before version 2.0.15-14 is vulnerable to arbitrary
code execution.

Resolution
=========
Upgrade to 2.0.15-14.

# pacman -Syu "raptor>=2.0.15-14"

The problems have been fixed upstream but no release is available yet.

Workaround
=========
None.

Description
==========
- CVE-2017-18926 (arbitrary code execution)

raptor_xml_writer_start_element_common in raptor_xml_writer.c in Raptor
RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations
for the XML writer, leading to heap-based buffer overflows (sometimes
seen in raptor_qname_format_as_xml).

- CVE-2020-25713 (arbitrary code execution)

A malformed input file can lead to a segfault due to an out of bounds
array access in raptor_xml_writer_start_element_common.

Impact
=====
A maliciously crafted RDF file can crash the application or execute
arbitrary code.

References
=========
https://bugs.archlinux.org/task/68613
https://www.openwall.com/lists/oss-security/2017/06/07/1
https://bugs.librdf.org/mantis/view.php
https://bugs.librdf.org/mantis/view.php
https://github.com/dajobe/raptor/commit/590681e546cd9aa18d57dc2ea1858cb734a3863f
https://bugs.librdf.org/mantis/view.php?id=650
;type=bug
https://security.archlinux.org/CVE-2017-18926
https://security.archlinux.org/CVE-2020-25713

ArchLinux: 202011-20: raptor: arbitrary code execution

November 29, 2020

Summary

- CVE-2017-18926 (arbitrary code execution) raptor_xml_writer_start_element_common in raptor_xml_writer.c in Raptor RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML writer, leading to heap-based buffer overflows (sometimes seen in raptor_qname_format_as_xml).
- CVE-2020-25713 (arbitrary code execution)
A malformed input file can lead to a segfault due to an out of bounds array access in raptor_xml_writer_start_element_common.

Resolution

Upgrade to 2.0.15-14. # pacman -Syu "raptor>=2.0.15-14"
The problems have been fixed upstream but no release is available yet.

References

https://bugs.archlinux.org/task/68613 https://www.openwall.com/lists/oss-security/2017/06/07/1 https://bugs.librdf.org/mantis/view.php https://bugs.librdf.org/mantis/view.php https://github.com/dajobe/raptor/commit/590681e546cd9aa18d57dc2ea1858cb734a3863f https://bugs.librdf.org/mantis/view.php?id=650 ;type=bug https://security.archlinux.org/CVE-2017-18926 https://security.archlinux.org/CVE-2020-25713

Severity
Package : raptor
Type : arbitrary code execution
Remote : No
Link : https://security.archlinux.org/AVG-1283

Workaround

None.

Related News