CVE-2019-6250 (retired)

Priority
Description
A pointer overflow, with code execution, was discovered in ZeroMQ libzmq
(aka 0MQ) 4.2.x and 4.3.x before 4.3.1. A v2_decoder.cpp
zmq::v2_decoder_t::size_ready integer overflow allows an authenticated
attacker to overwrite an arbitrary amount of bytes beyond the bounds of a
buffer, which can be leveraged to run arbitrary code on the target system.
The memory layout allows the attacker to inject OS commands into a data
structure located immediately after the problematic buffer (i.e., it is not
necessary to use a typical buffer-overflow exploitation technique that
changes the flow of control).
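The bug class named in the description, shown as an added example: a simplified model written for this page, not libzmq's code. The struct, function names and sample addresses are hypothetical, and addresses are modelled as uintptr_t so the wraparound is well defined.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed model of a receive buffer; all names are hypothetical. */
struct rx_buf {
    uintptr_t base; /* address of the first byte of the buffer */
    size_t size;    /* total capacity in bytes */
    size_t pos;     /* offset at which the message payload starts */
};

/* Flawed pattern: add the peer-supplied length to an address, then compare
 * the sum with the end of the buffer. A huge length wraps the sum around to
 * a small address, so the comparison passes. With real pointers the same
 * addition is undefined behaviour. */
bool fits_flawed(const struct rx_buf *b, uint64_t msg_size)
{
    uintptr_t start = b->base + b->pos;
    uintptr_t end = start + (uintptr_t)msg_size; /* may wrap */
    return end <= b->base + b->size;
}

/* Hardened pattern: compare the length with the bytes that remain, so no
 * arithmetic is ever performed on the untrusted value. */
bool fits_checked(const struct rx_buf *b, uint64_t msg_size)
{
    if (b->pos > b->size)
        return false;
    return msg_size <= (uint64_t)(b->size - b->pos);
}

int main(void)
{
    /* Constructed sample: 8 KiB buffer, payload begins after a 9-byte header. */
    struct rx_buf b = { (uintptr_t)0x10000, 8192, 9 };
    uint64_t sizes[] = { 100, 8192, UINT64_MAX - 0x100 };

    for (size_t i = 0; i < sizeof sizes / sizeof sizes[0]; i++)
        printf("msg_size=%llu flawed=%d checked=%d\n",
               (unsigned long long)sizes[i],
               fits_flawed(&b, sizes[i]), fits_checked(&b, sizes[i]));
    return 0;
}
```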
Notes
ebarretto: Vulnerable code introduced in 4.2.0
Package
Upstream: released (4.3.1-1)
Ubuntu 12.04 ESM (Precise Pangolin): DNE
Ubuntu 16.04 LTS (Xenial Xerus): not-affected (code not present)
Ubuntu 18.04 LTS (Bionic Beaver): released (4.2.5-1ubuntu0.1)
Ubuntu 19.04 (Disco Dingo): not-affected (4.3.1-1)

Updated: 2019-10-09 08:05:39 UTC (commit 33aea848a182c0afcd0a3f927a01a7ecd9a061ee)