libzvbi Integer Overflow Vulnerability in _vbi_strndup_iconv Function

Vulnerability

A vulnerability exists in libzvbi versions through 0.2.43, specifically in the _vbi_strndup_iconv function, where improper input handling can lead to an integer overflow. This overflow may cause a heap overflow, potentially allowing for a denial-of-service condition or other impacts. The vulnerability can be exploited remotely and requires user interaction.

Impact

Exploitation of this vulnerability causes an integer overflow, leading to a heap overflow. This type of memory corruption can often be exploited to execute arbitrary code or cause a crash, creating a denial-of-service condition.

Reproduction

The vulnerability can be reproduced by invoking the _vbi_strndup_iconv function with carefully crafted parameters that cause an integer overflow. This can be done by setting the src_size parameter to a value that, when processed, exceeds the buffer allocation limits, leading to a heap overflow.
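The general pattern behind this class of bug, shown as an added example that is not libzvbi's code: an allocation size derived from a caller-supplied src_size wraps around, and a checked computation rejects the request instead. The 32-bit width, the EXPANSION multiplier, and the function names are assumptions made for illustration; the page does not give the library's actual arithmetic.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Assumed worst-case output bytes per input byte (hypothetical value,
 * not taken from libzvbi). */
#define EXPANSION 4u

/* Unchecked pattern: 32-bit arithmetic wraps modulo 2^32, so a huge
 * src_size can yield a tiny allocation size. */
uint32_t unchecked_alloc_size(uint32_t src_size)
{
    return src_size * EXPANSION + 1u; /* +1 for the terminator */
}

/* Checked pattern: returns the buffer size, or 0 when the result cannot
 * be represented (0 is never a valid size because of the terminator). */
size_t checked_alloc_size(size_t src_size)
{
    if (src_size > (SIZE_MAX - 1u) / EXPANSION)
        return 0;
    return src_size * EXPANSION + 1u;
}

/* Hypothetical hardened allocator: refuses oversized requests instead of
 * handing back an undersized buffer. */
char *alloc_conversion_buffer(size_t src_size)
{
    size_t n = checked_alloc_size(src_size);
    return n ? malloc(n) : NULL;
}

int main(void)
{
    uint32_t src_size = 0x40000000u; /* constructed input */
    char *buf;

    printf("unchecked: src_size=%u -> alloc %u bytes\n",
           (unsigned)src_size, (unsigned)unchecked_alloc_size(src_size));
    printf("checked:   src_size=SIZE_MAX -> %zu (0 means rejected)\n",
           checked_alloc_size(SIZE_MAX));
    buf = alloc_conversion_buffer(16);
    printf("checked:   src_size=16 -> %zu bytes, buffer %s\n",
           checked_alloc_size(16), buf ? "allocated" : "NULL");
    free(buf);
    return 0;
}
```

The same bound check applies wherever a length from untrusted input feeds a multiplication or addition before malloc.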

Remediation

Users are advised to upgrade to libzvbi version 0.2.44, which addresses this vulnerability.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 2.5
exploitability: 7.7
remediation: 7.7
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.