CVE Vulnerability

CVE-2020-28951

libuci in OpenWrt before 18.06.9 and 19.x before 19.07.5 may encounter a use after free when using malicious package names. This is related to uci_parse_package in file.c and uci_strdup in util.c.

10 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 10 / Impact : 10

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

Scope

9.8 /10

CVSS v3.0 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://git.openwrt.org/?p=project/uci.git;a=commit;h=a3e650911f5e6f67dcff09974df3775dfd615da6 Patch Vendor Advisory
https://git.openwrt.org/?p=openwrt/openwrt.git;a=log;h=refs/tags/v18.06.9 Patch Vendor Advisory
https://git.openwrt.org/?p=openwrt/openwrt.git;a=commit;h=5625f5bc36954d644cb80adf8de47854c65d91c3 Patch Vendor Advisory
Configurations

Configuration 1

cpe:2.3:a:openwrt:openwrt:*:*:*:*:*:*:*:*
cpe:2.3:a:openwrt:openwrt:*:*:*:*:*:*:*:*
Information

Published : 2020-11-19 07:15

Updated : 2020-12-02 06:57

NVD link : CVE-2020-28951

Mitre link : CVE-2020-28951

Products Affected
No products.
CWE
CWE-416