CVE-2019-13132

EUVD-2019-4666
In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.3.2, a remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/authentication enabled, may cause a stack overflow and overwrite the stack with arbitrary data, due to a buffer overflow in the library. Users running public servers with the above configuration are highly encouraged to upgrade as soon as possible, as there are no known mitigations.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 96%
Affected Products (NVD)
VendorProductVersion
zeromqlibzmq
𝑥
< 4.0.9
zeromqlibzmq
4.1.0 ≤
𝑥
< 4.1.7
zeromqlibzmq
4.2.0 ≤
𝑥
< 4.3.2
debiandebian_linux
8.0
debiandebian_linux
9.0
canonicalubuntu_linux
16.04
canonicalubuntu_linux
18.04
canonicalubuntu_linux
18.10
canonicalubuntu_linux
19.04
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
zeromq3
bookworm
4.3.4-6
fixed
bullseye
4.3.4-1+deb11u1
fixed
sid
4.3.5-1
fixed
trixie
4.3.5-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
zeromq3
bionic
Fixed 4.2.5-1ubuntu0.2
released
cosmic
Fixed 4.2.5-2ubuntu0.2
released
disco
Fixed 4.3.1-3ubuntu2.1
released
eoan
Fixed 4.3.1-3ubuntu2.1
released
focal
Fixed 4.3.1-3ubuntu2.1
released
groovy
Fixed 4.3.1-3ubuntu2.1
released
hirsute
Fixed 4.3.1-3ubuntu2.1
released
impish
Fixed 4.3.1-3ubuntu2.1
released
jammy
Fixed 4.3.1-3ubuntu2.1
released
trusty
Fixed 4.0.4+dfsg-2ubuntu0.1+esm1
released
xenial
Fixed 4.1.4-7ubuntu0.1
released
Common Weakness Enumeration
References
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00033.html
http://www.openwall.com/lists/oss-security/2019/07/08/6
http://www.securityfocus.com/bid/109284
https://fangpenlin.com/posts/2024/04/07/how-i-discovered-a-9-point-8-critical-security-vulnerability-in-zeromq-with-mostly-pure-luck/
https://github.com/zeromq/libzmq/issues/3558
https://github.com/zeromq/libzmq/releases
https://lists.debian.org/debian-lts-announce/2019/07/msg00007.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVCTNUEOFFZUNJOXFCYCF3C6Y6NDILI3/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MK7SJYDJ7MMRRRPCUN3SCSE7YK6ZSHVS/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T6HINI24SL7CU6XIJWUOSGTZWEFOOL7X/
https://news.ycombinator.com/item?id=39970716
https://seclists.org/bugtraq/2019/Jul/13
https://security.gentoo.org/glsa/201908-17
https://usn.ubuntu.com/4050-1/
https://www.debian.org/security/2019/dsa-4477
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00033.html
http://www.openwall.com/lists/oss-security/2019/07/08/6
http://www.securityfocus.com/bid/109284
https://fangpenlin.com/posts/2024/04/07/how-i-discovered-a-9-point-8-critical-security-vulnerability-in-zeromq-with-mostly-pure-luck/
https://github.com/zeromq/libzmq/issues/3558
https://github.com/zeromq/libzmq/releases
https://lists.debian.org/debian-lts-announce/2019/07/msg00007.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVCTNUEOFFZUNJOXFCYCF3C6Y6NDILI3/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MK7SJYDJ7MMRRRPCUN3SCSE7YK6ZSHVS/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T6HINI24SL7CU6XIJWUOSGTZWEFOOL7X/
https://news.ycombinator.com/item?id=39970716
https://seclists.org/bugtraq/2019/Jul/13
https://security.gentoo.org/glsa/201908-17
https://usn.ubuntu.com/4050-1/
https://www.debian.org/security/2019/dsa-4477