{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-42415", "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "state": "PUBLISHED", "assignerShortName": "talos", "dateReserved": "2024-08-23T16:07:08.799Z", "datePublished": "2024-10-03T15:24:57.874Z", "dateUpdated": "2024-10-04T23:02:53.329Z"}, "containers": {"cna": {"affected": [{"vendor": "GNOME Project", "product": "G Structured File Library (libgsf)", "versions": [{"version": "1.14.52", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "An integer overflow vulnerability exists in the Compound Document Binary File format parser of v1.14.52 of the GNOME Project G Structured File Library (libgsf). A specially crafted file can result in an integer overflow that allows for a heap-based buffer overflow when processing the sector allocation table. This can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-190: Integer Overflow or Wraparound", "type": "CWE", "cweId": "CWE-190"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH"}}], "providerMetadata": {"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "shortName": "talos", "dateUpdated": "2024-10-03T15:24:57.874Z"}, "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-2069", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-2069"}, {"url": "https://gitlab.gnome.org/GNOME/libgsf/-/issues/34", "name": "https://gitlab.gnome.org/GNOME/libgsf/-/issues/34"}], "credits": [{"lang": "en", "value": "Discovered by a member of Cisco Talos."}]}, "adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2069"}, {"url": "http://www.openwall.com/lists/oss-security/2024/10/04/3"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-10-04T23:02:53.329Z"}}, {"affected": [{"vendor": "gnome", "product": "libgsf", "cpes": ["cpe:2.3:a:gnome:libgsf:1.14.52:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "1.14.52", "status": "affected"}]}, {"vendor": "gnome", "product": "libgsf", "cpes": ["cpe:2.3:a:gnome:libgsf:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "commit_634340d31177c02ccdb43171e37291948e7f8974", "status": "affected"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-03T17:10:12.913815Z", "id": "CVE-2024-42415", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-03T17:17:40.368Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-2069"}, {"url": "http://www.openwall.com/lists/oss-security/2024/10/04/3"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-10-04T23:02:53.329Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-42415", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-10-03T17:10:12.913815Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:gnome:libgsf:1.14.52:*:*:*:*:*:*:*"], "vendor": "gnome", "product": "libgsf", "versions": [{"status": "affected", "version": "1.14.52"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:gnome:libgsf:*:*:*:*:*:*:*:*"], "vendor": "gnome", "product": "libgsf", "versions": [{"status": "affected", "version": "commit_634340d31177c02ccdb43171e37291948e7f8974"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-03T17:13:43.424Z"}}], "cna": {"credits": [{"lang": "en", "value": "Discovered by a member of Cisco Talos."}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.4, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "GNOME Project", "product": "G Structured File Library (libgsf)", "versions": [{"status": "affected", "version": "1.14.52"}]}], "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-2069", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-2069"}, {"url": "https://gitlab.gnome.org/GNOME/libgsf/-/issues/34", "name": "https://gitlab.gnome.org/GNOME/libgsf/-/issues/34"}], "descriptions": [{"lang": "en", "value": "An integer overflow vulnerability exists in the Compound Document Binary File format parser of v1.14.52 of the GNOME Project G Structured File Library (libgsf). A specially crafted file can result in an integer overflow that allows for a heap-based buffer overflow when processing the sector allocation table. This can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-190", "description": "CWE-190: Integer Overflow or Wraparound"}]}], "providerMetadata": {"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "shortName": "talos", "dateUpdated": "2024-10-03T15:24:57.874Z"}}}, "cveMetadata": {"cveId": "CVE-2024-42415", "state": "PUBLISHED", "dateUpdated": "2024-10-04T23:02:53.329Z", "dateReserved": "2024-08-23T16:07:08.799Z", "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "datePublished": "2024-10-03T15:24:57.874Z", "assignerShortName": "talos"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gnome:libgsf:1.14.52:*:*:*:*:*:*:*", "matchCriteriaId": "8F1D11AD-C49A-473B-A1F7-7FDC04493B1D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An integer overflow vulnerability exists in the Compound Document Binary File format parser of v1.14.52 of the GNOME Project G Structured File Library (libgsf). A specially crafted file can result in an integer overflow that allows for a heap-based buffer overflow when processing the sector allocation table. This can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability."}, {"lang": "es", "value": "Existe una vulnerabilidad de desbordamiento de enteros en el analizador de formato de archivo binario de documento compuesto de la versi\u00f3n v1.14.52 de GNOME Project G Structured File Library (libgsf). Un archivo especialmente manipulado puede provocar un desbordamiento de enteros que permita un desbordamiento de b\u00fafer basado en el mont\u00f3n al procesar la tabla de asignaci\u00f3n de sectores. Esto puede provocar la ejecuci\u00f3n de c\u00f3digo arbitrario. Un atacante puede proporcionar un archivo malicioso para activar esta vulnerabilidad."}], "id": "CVE-2024-42415", "lastModified": "2024-10-09T16:44:20.360", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 5.9, "source": "talos-cna@cisco.com", "type": "Secondary"}]}, "published": "2024-10-03T16:15:05.867", "references": [{"source": "talos-cna@cisco.com", "tags": ["Issue Tracking"], "url": "https://gitlab.gnome.org/GNOME/libgsf/-/issues/34"}, {"source": "talos-cna@cisco.com", "tags": ["Technical Description", "Third Party Advisory"], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-2069"}], "sourceIdentifier": "talos-cna@cisco.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-190"}], "source": "talos-cna@cisco.com", "type": "Primary"}]}

{"bugzilla": {"description": "libgsf: Compound Document Binary File Sector Allocation Table integer overflow vulnerability", "id": "2316307", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316307"}, "csaw": false, "cvss3": {"cvss3_base_score": "8.4", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-190", "details": ["An integer overflow vulnerability exists in the Compound Document Binary File format parser of v1.14.52 of the GNOME Project G Structured File Library (libgsf). A specially crafted file can result in an integer overflow that allows for a heap-based buffer overflow when processing the sector allocation table. This can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.", "An integer overflow vulnerability was found in the Compound Document Binary File format parser of the GNOME Project G Structured File Library (libgsf). A specially crafted file can result in an integer overflow that allows for a heap-based buffer overflow when processing the sector allocation table, which can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-42415", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "libgsf", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "libgsf", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "libgsf", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-10-03T15:24:57Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-42415\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-42415\nhttps://gitlab.gnome.org/GNOME/libgsf/-/issues/34\nhttps://talosintelligence.com/vulnerability_reports/TALOS-2024-2069"], "statement": "This vulnerability is classified as important severity rather than moderate due to its potential for arbitrary code execution, which poses a serious security risk. The integer overflow in the sector allocation table leads to a heap-based buffer overflow, allowing an attacker to write beyond the allocated memory bounds. Exploiting this flaw can result in memory corruption, enabling attackers to execute arbitrary code with the privileges of the affected application. Given that the vulnerability can be triggered by merely opening a specially crafted file, this expands the attack surface significantly, making exploitation feasible even through routine user actions like opening documents.", "threat_severity": "Important"}