CVE-2018-5392

mingw-w64 version 5.0.4 by default produces executables that opt in to ASLR, but are not compatible with ASLR. ASLR is an exploit mitigation technique used by modern Windows platforms. For ASLR to function, Windows executables must contain a relocations table. Despite containing the "Dynamic base" PE header, which indicates ASLR compatibility, Windows executables produced by mingw-w64 have the relocations table stripped from them by default. This means that executables produced by mingw-w64 are vulnerable to return-oriented programming (ROP) attacks. Windows executables generated by mingw-w64 claim to be ASLR compatible, but are not. Vulnerabilities in such executables are more easily exploitable as a result.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
certccCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 40%
VendorProductVersion
mingwmingw-w64
5.0.4
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
mingw-w64
bullseye
unimportant
bookworm
unimportant
sid
unimportant
trixie
unimportant
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
mingw-w64
noble
needs-triage
mantic
ignored
lunar
ignored
kinetic
ignored
jammy
needs-triage
impish
ignored
hirsute
ignored
groovy
ignored
focal
needs-triage
eoan
ignored
disco
ignored
cosmic
ignored
bionic
needs-triage
xenial
needs-triage
trusty
needs-triage
Common Weakness Enumeration
References
https://www.kb.cert.org/vuls/id/307144
https://www.kb.cert.org/vuls/id/307144