Thursday, January 2, 2020

Vulnerability Spotlight: Two buffer overflow vulnerabilities in OpenCV


Dave McDaniel of Cisco Talos discovered these vulnerabilities.

Cisco Talos recently discovered two buffer overflow vulnerabilities in the OpenCV libraries. An attacker could exploit these bugs to cause heap corruptions and, potentially, code execution. Intel Research originally developed OpenCV in 1999, but it is currently maintained by the non-profit organization OpenCV.org.
OpenCV is used for numerous applications, including facial recognition technology, robotics, motion tracking and various machine learning programs.
In accordance with our coordinated disclosure policy, Cisco Talos worked with OpenCV to ensure that these issues are resolved and that an update is available for affected customers.


Vulnerability details


OpenCV XML persistence parser buffer overflow vulnerability (TALOS-2019-0852/CVE-2019-5063)

An exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV 4.1.0. A specially crafted XML file can cause a buffer overflow, resulting in multiple heap corruptions and potential code execution. An attacker can provide a specially crafted file to trigger this vulnerability.

Read the complete vulnerability advisory here for additional information.

OpenCV JSON persistence parser buffer overflow vulnerability (TALOS-2019-0853/CVE-2019-5064)

An exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV, version 4.1.0. A specially crafted JSON file can cause a buffer overflow, resulting in multiple heap corruptions and potential code execution. An attacker can provide a specially crafted file to trigger this vulnerability.

Read the complete vulnerability advisory here for additional information.


Versions tested


Talos tested and confirmed that OpenCV, version 4.1.0 is affected by these vulnerabilities.


Coverage


The following SNORT® rules will detect exploitation attempts. Note that additional rules may be released at a future date and current rules are subject to change pending additional vulnerability information. For the most current rule information, please refer to your Firepower Management Center or Snort.org.

Snort Rules: 50774, 50775
