Ubuntu
usbrelay package

usbrelay buffer overflows from argv

Bug #1837755 reported by jenna
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
usbrelay (Ubuntu)
New
Undecided
Unassigned

Bug Description

The program copies strings from argv into fixed size heap buffers with unchecked strcpy.

https://salsa.debian.org/debian/usbrelay/blob/master/usbrelay.c#L60

$ usbrelay 1111111111
*** buffer overflow detected ***: usbrelay terminated
Aborted (core dumped)

$ lsb_release -rd
Description: Ubuntu 18.04.2 LTS
Release: 18.04

$ apt-cache policy usbrelay
usbrelay:
  Installed: 0.2-1build1
  Candidate: 0.2-1build1
  Version table:
 *** 0.2-1build1 500
        500 http://us.archive.ubuntu.com/ubuntu bionic/universe amd64 Packages
        100 /var/lib/dpkg/status

ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: ubuntu-release-upgrader-core 1:18.04.34
ProcVersionSignature: Ubuntu 4.18.0-25.26~18.04.1-generic 4.18.20
Uname: Linux 4.18.0-25-generic x86_64
NonfreeKernelModules: nvidia_modeset nvidia
ApportVersion: 2.20.9-0ubuntu7.7
Architecture: amd64
CrashDB: ubuntu
CurrentDesktop: KDE
Date: Wed Jul 24 11:36:41 2019
InstallationDate: Installed on 2019-06-10 (43 days ago)
InstallationMedia: Kubuntu 18.04.2 LTS "Bionic Beaver" - Release amd64 (20190210)
PackageArchitecture: all
SourcePackage: ubuntu-release-upgrader
Symptom: release-upgrade
UpgradeStatus: No upgrade log present (probably fresh install)

Revision history for this message
jenna (giantpune) wrote :
Brian Murray (brian-murray)
affects: ubuntu-release-upgrader (Ubuntu) → usbrelay (Ubuntu)
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.