CVE-2020-29363

An issue was discovered in p11-kit 0.23.6 through 0.23.21. A heap-based buffer overflow has been discovered in the RPC protocol used by p11-kit server/remote commands and the client library. When the remote entity supplies a serialized byte array in a CK_ATTRIBUTE, the receiving entity may not allocate sufficient length for the buffer to store the deserialized value.

CVSS v3 7.5 HIGH
CVSS v2.0 5.0 MEDIUM

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
https://github.com/p11-glue/p11-kit/releases	Release Notes Third Party Advisory
https://github.com/p11-glue/p11-kit/security/advisories/GHSA-5j67-fw89-fp6x	Third Party Advisory
https://www.debian.org/security/2021/dsa-4822	Third Party Advisory
https://www.oracle.com/security-alerts/cpuapr2022.html	Patch Third Party Advisory
https://github.com/p11-glue/p11-kit/releases	Release Notes Third Party Advisory
https://github.com/p11-glue/p11-kit/security/advisories/GHSA-5j67-fw89-fp6x	Third Party Advisory
https://www.debian.org/security/2021/dsa-4822	Third Party Advisory
https://www.oracle.com/security-alerts/cpuapr2022.html	Patch Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:p11-kit_project:p11-kit:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:*:*:*:*:*:*:*

History

21 Nov 2024, 05:23

Type	Values Removed	Values Added
References	~~() https://github.com/p11-glue/p11-kit/releases - Release Notes, Third Party Advisory~~	() https://github.com/p11-glue/p11-kit/releases - Release Notes, Third Party Advisory
References	~~() https://github.com/p11-glue/p11-kit/security/advisories/GHSA-5j67-fw89-fp6x - Third Party Advisory~~	() https://github.com/p11-glue/p11-kit/security/advisories/GHSA-5j67-fw89-fp6x - Third Party Advisory
References	~~() https://www.debian.org/security/2021/dsa-4822 - Third Party Advisory~~	() https://www.debian.org/security/2021/dsa-4822 - Third Party Advisory
References	~~() https://www.oracle.com/security-alerts/cpuapr2022.html - Patch, Third Party Advisory~~	() https://www.oracle.com/security-alerts/cpuapr2022.html - Patch, Third Party Advisory

12 May 2022, 14:47

Type	Values Removed	Values Added
CPE		cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:::::::*
References	~~(MISC) https://www.oracle.com/security-alerts/cpuapr2022.html -~~	(MISC) https://www.oracle.com/security-alerts/cpuapr2022.html - Patch, Third Party Advisory

20 Apr 2022, 00:15

Type	Values Removed	Values Added
References		(MISC) https://www.oracle.com/security-alerts/cpuapr2022.html -

Information

Published : 2020-12-16 14:15

Updated : 2024-11-21 05:23

NVD link : CVE-2020-29363

Mitre link : CVE-2020-29363

CVE.ORG link : CVE-2020-29363

JSON object : View

Products Affected

oracle

communications_cloud_native_core_policy

p11-kit_project

p11-kit

debian

debian_linux

CWE

CWE-787

Out-of-bounds Write

{"id": "CVE-2020-29363", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2020-12-16T14:15:12.840", "references": [{"url": "https://github.com/p11-glue/p11-kit/releases", "tags": ["Release Notes", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/p11-glue/p11-kit/security/advisories/GHSA-5j67-fw89-fp6x", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.debian.org/security/2021/dsa-4822", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "tags": ["Patch", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/p11-glue/p11-kit/releases", "tags": ["Release Notes", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/p11-glue/p11-kit/security/advisories/GHSA-5j67-fw89-fp6x", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.debian.org/security/2021/dsa-4822", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "tags": ["Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in p11-kit 0.23.6 through 0.23.21. A heap-based buffer overflow has been discovered in the RPC protocol used by p11-kit server/remote commands and the client library. When the remote entity supplies a serialized byte array in a CK_ATTRIBUTE, the receiving entity may not allocate sufficient length for the buffer to store the deserialized value."}, {"lang": "es", "value": "Se detect\u00f3 un problema en p11-kit versiones 0.23.6 hasta 0.23.21. Se ha detectado un desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria en el protocolo RPC usado por los comandos remotos del servidor p11-kit y la biblioteca cliente. Cuando la entidad remota proporciona una matriz de bytes serializados en un CK_ATTRIBUTE, es posible que la entidad receptora no asigne una longitud suficiente para que el b\u00fafer almacene el valor deserializado"}], "lastModified": "2024-11-21T05:23:54.980", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:p11-kit_project:p11-kit:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3592022A-B10B-479D-BFAD-94E4E6C2526F", "versionEndExcluding": "0.23.22", "versionStartIncluding": "0.23.6"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4479F76A-4B67-41CC-98C7-C76B81050F8E"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}

7.5 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

5.0 /10

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

JSON object

Attach tags to CVE-2020-29363

7.5^/10

5.0^/10

Attach tags to `CVE-2020-29363`