CVE-2019-18609 — librabbitmq - security update

Description

An issue was discovered in amqp_handle_input in amqp_connection.c in rabbitmq-c 0.9.0. There is an integer overflow that leads to heap memory corruption in the handling of CONNECTION_STATE_HEADER. A rogue server could return a malicious frame header that leads to a smaller target_size value than needed. This condition is then carried on to a memcpy function that copies too much data into a heap buffer.

How to fix CVE-2019-18609

To remediate CVE-2019-18609, upgrade the affected package to a fixed version below.

—upgrade to 0.10.0-1 or later
—upgrade to 0.5.2-2+deb8u1 or later

Is CVE-2019-18609 being exploited?

Low — EPSS is 1.5%, meaning exploitation activity has not been observed at scale.

Affected packages (2)

from 0, < 0.10.0-1
from 0, < 0.5.2-2+deb8u1

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	CRITICAL9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References (1)

ADVISORYsecurity-tracker.debian.org/tracker/CVE-2019-18609