Actively Exploited in the Wild
This vulnerability is being actively exploited in the wild.
GeographicLib Buffer Overflow Vulnerability in GeoConvert Tool
Vulnerability
A stack buffer overflow has been identified in GeographicLib version 2.5.1 and earlier, specifically in the GeoConvert tool. The flaw lies in the 'DMS::InternalDecode' function, which fails to validate an internal index before using it, allowing out-of-bounds writes to the stack. At minimum the overflow causes a segmentation fault and therefore a denial-of-service condition. Because the overwritten region includes a saved return address, the bug can also be used to hijack the program's control flow by redirecting execution to a libc function and chaining it into a return-oriented programming (ROP) sequence, resulting in arbitrary code execution.
Impact
Exploitation triggers a stack-based buffer overflow that, in the simplest case, crashes GeoConvert with a segmentation fault, producing a denial of service. With crafted input the same overflow can overwrite a return address on the stack, giving the attacker control of execution flow and, through a ROP chain, the ability to run arbitrary code.
Reproduction
The vulnerability can be reproduced by running the GeoConvert tool on a crafted input that triggers the overflow: a specially formed string that the 'DMS::InternalDecode' function does not properly validate causes an out-of-bounds write that corrupts the stack.
Remediation
Users are advised to upgrade to GeographicLib version 2.5.2, where this vulnerability has been fixed. If upgrading is not possible, avoid processing untrusted or malformed inputs with GeoConvert and run the program with restricted privileges.
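To support the upgrade advice above, here is an added version gate (not part of the advisory or of GeographicLib) that tells whether an installed GeographicLib version predates the 2.5.2 fix; it assumes dotted numeric version strings, optionally embedded in text such as a package name or a distro suffix like "-2".

```python
"""Version gate for the GeoConvert stack overflow advisory.

Affected: GeographicLib 2.5.1 and earlier. Fixed: 2.5.2.
Input is assumed to be a dotted numeric version ("2.5.1"), possibly
surrounded by other text ("GeographicLib 2.4.0-2"); only the first
dotted number is used.
"""
import re
from typing import Tuple

FIXED_VERSION = "2.5.2"


def parse_version(text: str) -> Tuple[int, ...]:
    """Extract the first dotted number from text as a tuple of ints."""
    m = re.search(r"(\d+(?:\.\d+)*)", text)
    if not m:
        raise ValueError(f"no version number found in {text!r}")
    return tuple(int(part) for part in m.group(1).split("."))


def is_vulnerable(version: str, fixed: str = FIXED_VERSION) -> bool:
    """True when the installed version is older than the fixed release.

    Comparison is numeric per component, so "2.10" correctly ranks
    above "2.5.2" (a plain string compare would get this wrong) and
    a short version such as "2.5" is treated as "2.5.0".
    """
    installed, fixed_t = parse_version(version), parse_version(fixed)
    width = max(len(installed), len(fixed_t))
    installed += (0,) * (width - len(installed))
    fixed_t += (0,) * (width - len(fixed_t))
    return installed < fixed_t


if __name__ == "__main__":
    # Constructed inventory sample, not real host data.
    inventory = {"build-01": "2.5.1", "gis-02": "2.5.2", "legacy-03": "2.4.0-2"}
    for host, ver in inventory.items():
        state = "UPGRADE" if is_vulnerable(ver) else "ok"
        print(f"{host}: GeographicLib {ver} -> {state}")
```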