[3.8] zeromq: Integer overflow in zmq::v2_decoder_t::size_ready (CVE-2019-6250)ID: oval:org.secpod.oval:def:1801300 | Date: (C)2019-04-04 (M)2022-08-08 |
Class: PATCH | Family: unix |
A pointer overflow, with code execution, was discovered in ZeroMQ libzmq 4.2.x and 4.3.x before 4.3.1. A v2_decoder.cpp zmq::v2_decoder_t::size_ready integer overflow allows an authenticated attacker to overwrite an arbitrary amount of bytes beyond the bounds of a buffer, which can be leveraged to run arbitrary code on the target system. The memory layout allows the attacker to inject OS commands into a data structure located immediately after the problematic buffer .
Platform: |
Alpine Linux 3.8 |