- Description
- Heap-based Buffer Overflow vulnerability in Apache ORC. A vulnerability has been identified in the ORC C++ LZO decompression logic, where specially crafted malformed ORC files can cause the decompressor to allocate a 250-byte buffer but then attempts to copy 295 bytes into it. It causes memory corruption. This issue affects Apache ORC C++ library: through 1.8.8, from 1.9.0 through 1.9.5, from 2.0.0 through 2.0.4, from 2.1.0 through 2.1.1. Users are recommended to upgrade to version 1.8.9, 1.9.6, 2.0.5, and 2.1.2, which fix the issue.
- Source
- security@apache.org
- NVD status
- Analyzed
- Products
- orc
CVSS 4.0
- Type
- Secondary
- Base score
- 6
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:L/VI:H/VA:H/SC:L/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:X/R:X/V:X/RE:M/U:Amber
- Severity
- MEDIUM
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- security@apache.org
- CWE-122
- Hype score
- Not currently trending
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:orc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE62FF1F-4F28-4FBF-93B2-76E0A6B88894",
"versionEndExcluding": "1.8.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:orc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "463A880A-5E0D-4053-A5B2-CA8A4D017884",
"versionEndExcluding": "1.9.6",
"versionStartIncluding": "1.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:orc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C43D654F-8615-475C-B189-BEE6A6125C9A",
"versionEndExcluding": "2.0.5",
"versionStartIncluding": "2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:orc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2EC5BDD-B101-47E3-BABD-81543F6405D3",
"versionEndExcluding": "2.1.2",
"versionStartIncluding": "2.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]