Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
8.8
CVSSv3

CVE-2023-43641

Published: 09/10/2023 Updated: 09/12/2023
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 0
Subscribe to Libcue

Vulnerability Summary

libcue provides an API for parsing and extracting data from CUE sheets. Versions 2.2.1 and prior are vulnerable to out-of-bounds array access. A user of the GNOME desktop environment can be exploited by downloading a cue sheet from a malicious webpage. Because the file is saved to `~/Downloads`, it is then automatically scanned by tracker-miners. And because it has a .cue filename extension, tracker-miners use libcue to parse the file. The file exploits the vulnerability in libcue to gain code execution. This issue is patched in version 2.3.0.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

lipnitsk libcue

fedoraproject fedora 37

fedoraproject fedora 38

fedoraproject fedora 39

debian debian linux 10.0

debian debian linux 11.0

debian debian linux 12.0

Vendor Advisories

Debian Security Advisories: DSA-5524-1 libcue -- security update
Kevin Backhouse discovered an out-of-bounds array access in Libcue, a library for parsing CD metadata, which could result in the execution of arbitrary code For the oldstable distribution (bullseye), this problem has been fixed in version 221-3+deb11u1 For the stable distribution (bookworm), this problem has been fixed in version 221-4+deb12u ...
Arch Linux Issues:
An out-of-bounds array access has been found in libcue <= 221, leading to arbitrary code execution while parsing a file ...

Github Repositories

https://github.com/0xKilty/RE-learning-resources

RE-learning-resources Resources to learn more about reverse engineering and binary exploitation Contents Tools Disassemblers Programming Other Tools Guides Video Series Courses Other Guides CTF Challenges Papers Sites Heap Exploitation Tools Decompilers Ghidra - developed by the NSA for reverse engineering which is widely used IDA Pro - developed by Hex-Rays used for

Recent Articles

Researcher bags two-for-one deal on Linux bugs while probing GNOME component
The Register

Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources One-click exploit could potentially affect most major distros

Researchers discovered a high-severity remote code execution (RCE) vulnerability in an inherent component of GNOME-based Linux distros, potentially impacting a huge number of users. Tracked as CVE-2023-43641, exploiting the vulnerability in the relatively small libcue library takes advantage of the tracker-miners application to facilitate a one-click RCE attack. The issue is thought to affect all GNOME-based distros, including RHEL, SUSE, and Debian, but has only been proven to work on the lates...

Read more...

References

CWE-787https://github.blog/2023-10-09-coordinated-disclosure-1-click-rce-on-gnome-cve-2023-43641/https://github.com/lipnitsk/libcue/security/advisories/GHSA-5982-x7hv-r9cjhttps://github.com/lipnitsk/libcue/commit/cfb98a060fd79dbc3463d85f0f29c3c335dfa0eahttps://github.com/lipnitsk/libcue/commit/fdf72c8bded8d24cfa0608b8e97f2eed210a920ehttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/57JEYTRFG4PVGZZ7HIEFTX5I7OONFFMI/https://lists.debian.org/debian-lts-announce/2023/10/msg00018.htmlhttps://www.debian.org/security/2023/dsa-5524https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PGQOMFDBXGM3DOICCXKCUS76OTKTSPMN/https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XUS4HTNGGGUIFLYSKTODCRIOXLX5HGV3/http://packetstormsecurity.com/files/176128/libcue-2.2.1-Out-Of-Bounds-Access.htmlhttps://nvd.nist.govhttps://www.debian.org/security/2023/dsa-5524
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304CVE-2024-4240arbitrary CVE-2024-31601XSSCVE-2023-20198CVE-2024-4256CVE-2024-3342encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook