CVE-2018-20721

9.8 CRITICAL

📋 TL;DR

This vulnerability in the uriparser library allows out-of-bounds memory reads when an incomplete IPv6 address that contains an embedded IPv4 address is parsed. Attackers could exploit this to read sensitive memory contents or cause a denial of service. Any application that uses a vulnerable uriparser version for URI parsing is affected.

💻 Affected Systems

Products:
  • uriparser library
  • Applications using uriparser
Versions: uriparser versions before 0.9.1
Operating Systems: All operating systems using vulnerable uriparser
Default Config Vulnerable: ⚠️ Yes
Notes: Any application that calls uriParse*Ex* functions with untrusted URI input is vulnerable

📦 What is this software?

uriparser is a strictly RFC 3986 compliant URI parsing and handling library written in C. Other applications link against it to parse, normalize and recompose URIs, so a parser bug in the library is inherited by every program that uses it.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Remote code execution through memory corruption leading to complete system compromise

🟠 Likely Case: Denial of service through application crashes or information disclosure via memory reads

🟢 If Mitigated: Application crash with no data loss if proper memory protections are enabled

🌐 Internet-Facing: HIGH - URI parsing is commonly exposed to untrusted input from network sources
🏢 Internal Only: MEDIUM - Internal applications may still process untrusted URIs from various sources

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires sending malformed URIs to applications using vulnerable uriparser functions

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: uriparser 0.9.1 and later

Vendor Advisory: https://github.com/uriparser/uriparser/blob/master/ChangeLog

Restart Required: Yes

Instructions:

1. Update uriparser to version 0.9.1 or later.
2. Recompile applications that link against uriparser.
3. Restart affected services.

🔧 Temporary Workarounds

Input validation (platform: all): Validate URI input before passing it to uriparser functions.

Memory protection (platform: linux): Enable ASLR and other memory protection mechanisms:

echo 2 > /proc/sys/kernel/randomize_va_space

🧯 If You Can't Patch

  • Implement strict input validation for all URI parsing
  • Isolate vulnerable applications in restricted network segments
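One way to implement the input-validation workaround above, as an added example that is not uriparser's own code: a conservative pre-filter run on untrusted input before it reaches uriParse*Ex*, rejecting any URI whose authority opens an IP-literal with '[' that is never closed by ']'. The function name, the sample inputs and the treatment of such URIs as "reject" are assumptions of this example; well-formed RFC 3986 URIs pass unchanged, and the filter does not replace upgrading to 0.9.1 or later.

```c
#include <stdio.h>
#include <string.h>

/* Added example, not uriparser's own code: a conservative pre-filter to run before
 * handing untrusted input to uriParse*Ex*. It rejects a URI whose authority opens an
 * IP-literal with '[' that is never closed by ']' before the authority ends, i.e. an
 * incomplete IPv6 literal such as "http://[::192.0.2". Any RFC 3986 URI
 * (IP-literal = "[" ... "]") passes unchanged. Returns 1 to reject, 0 to accept. */
int uri_has_unterminated_ip_literal(const char *uri, size_t len)
{
    const char *end = uri + len, *auth = NULL, *host, *auth_end, *p;
    /* Find the authority: "//" at the start of the string or right after "scheme:". */
    for (p = uri; p + 1 < end; p++) {
        if (p[0] == '/' && p[1] == '/' && (p == uri || p[-1] == ':')) {
            auth = p + 2;
            break;
        }
        if (*p == '?' || *p == '#')
            return 0; /* query or fragment came first: this URI has no authority */
    }
    if (auth == NULL)
        return 0;
    /* Host starts after an optional "userinfo@"; the authority ends at '/', '?', '#' or EOS. */
    host = auth;
    for (p = auth; p < end && *p != '/' && *p != '?' && *p != '#'; p++)
        if (*p == '@')
            host = p + 1;
    auth_end = p;

    if (host >= auth_end || *host != '[')
        return 0; /* reg-name or IPv4 host: not an IP-literal */

    /* An IP-literal must be closed by ']' inside the authority. */
    for (p = host + 1; p < auth_end; p++)
        if (*p == ']')
            return 0;
    return 1;
}

int main(void)
{
    /* Constructed sample inputs, not captured traffic. */
    const char *samples[] = { "http://[::ffff:192.0.2.1]/index.html", "http://[::192.0.2" };
    size_t i;
    for (i = 0; i < 2; i++)
        printf("%-40s -> %s\n", samples[i],
               uri_has_unterminated_ip_literal(samples[i], strlen(samples[i])) ? "reject" : "pass");
    return 0;
}
```

Rejected inputs should be logged with the source so they can be correlated with the "//[::" network indicator below.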

🔍 How to Verify

Check if Vulnerable:

Check uriparser version in application dependencies or system packages

Check Version:

pkg-config --modversion uriparser

Verify Fix Applied:

Verify uriparser version is 0.9.1 or later and applications have been recompiled

📡 Detection & Monitoring

Log Indicators:

  • Application crashes
  • Memory access violation errors
  • Unexpected URI parsing failures

Network Indicators:

  • Malformed URI patterns with IPv6/IPv4 hybrid addresses
  • Requests containing '//[::' patterns

SIEM Query:

source="application_logs" AND (error="segmentation fault" OR error="memory violation" OR uri="*//[::*")
