CVE-2017-9831

NameCVE-2017-9831
DescriptionAn integer overflow vulnerability in the ptp_unpack_EOS_CustomFuncEx function of the ptp-pack.c file of libmtp (version 1.1.12 and below) allows attackers to cause a denial of service (out-of-bounds memory access) or maybe remote code execution by inserting a mobile device into a personal computer through a USB cable.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
ReferencesDLA-1029-1
NVD severitymedium (attack range: local)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
libmtp (PTS)jessie1.1.8-1vulnerable
stretch1.1.13-1fixed
bullseye, sid, buster1.1.16-2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
libmtpsource(unstable)1.1.13-1medium
libmtpsourcewheezy1.1.3-35-g0ece104-5+deb7u1mediumDLA-1029-1

Notes

[jessie] - libmtp <no-dsa> (Minor issue; can be fixed in a point release)
https://sourceforge.net/p/libmtp/mailman/message/35735992/
https://sourceforge.net/p/libmtp/code/ci/aa7d91a789873a9d86969028e57f888a1241c085/
reduced patchset: https://lists.debian.org/87lgnzvjvb.fsf@curie.anarc.at
Search for package or bug name: Reporting problems