usbrelay buffer overflows from argv
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
usbrelay (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
The program copies strings from argv into fixed size heap buffers with unchecked strcpy.
https:/
$ usbrelay 1111111111
*** buffer overflow detected ***: usbrelay terminated
Aborted (core dumped)
$ lsb_release -rd
Description: Ubuntu 18.04.2 LTS
Release: 18.04
$ apt-cache policy usbrelay
usbrelay:
Installed: 0.2-1build1
Candidate: 0.2-1build1
Version table:
*** 0.2-1build1 500
500 http://
100 /var/lib/
ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: ubuntu-
ProcVersionSign
Uname: Linux 4.18.0-25-generic x86_64
NonfreeKernelMo
ApportVersion: 2.20.9-0ubuntu7.7
Architecture: amd64
CrashDB: ubuntu
CurrentDesktop: KDE
Date: Wed Jul 24 11:36:41 2019
InstallationDate: Installed on 2019-06-10 (43 days ago)
InstallationMedia: Kubuntu 18.04.2 LTS "Bionic Beaver" - Release amd64 (20190210)
PackageArchitec
SourcePackage: ubuntu-
Symptom: release-upgrade
UpgradeStatus: No upgrade log present (probably fresh install)
affects: | ubuntu-release-upgrader (Ubuntu) → usbrelay (Ubuntu) |