CVE-2019-19795

7.8 HIGH

📋 TL;DR

CVE-2019-19795 is a heap-based buffer overflow vulnerability in the canonpath function of samurai build system version 0.7. Attackers can exploit this by providing a specially crafted build file, potentially leading to arbitrary code execution. Anyone using samurai 0.7 to process untrusted build files is affected.

💻 Affected Systems

Products:
  • samurai
Versions: Version 0.7 only
Operating Systems: All platforms where samurai runs (Linux, BSD, macOS, etc.)
Default Config Vulnerable: ⚠️ Yes
Notes: Only vulnerable when processing untrusted build files. The vulnerability is in the canonpath utility function used during build file parsing.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Remote code execution with the privileges of the samurai process, potentially leading to complete system compromise.

🟠 Likely Case

Application crash (denial of service) or limited code execution within the samurai process context.

🟢 If Mitigated

No impact if samurai only processes trusted build files or is patched.

🌐 Internet-Facing: LOW - samurai is typically used as a build tool in development environments and is not exposed to the internet.
🏢 Internal Only: MEDIUM - could be exploited by malicious internal users or through supply chain attacks with malicious build files.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires the attacker to provide a malicious build file that gets processed by samurai. The GitHub issue contains proof-of-concept details.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Version 0.8 and later

Vendor Advisory: https://github.com/michaelforney/samurai/issues/29

Restart Required: No

Instructions:

1. Upgrade samurai to version 0.8 or later.
2. Replace the vulnerable binary with the patched version.
3. No restart needed as samurai is typically invoked per-build.

🔧 Temporary Workarounds

  • Avoid processing untrusted build files (all platforms): Only use samurai with trusted build files from verified sources.
  • Use alternative build system (all platforms): Temporarily switch to ninja or another build system until patched. Replace 'samu' commands with 'ninja' in build scripts.

🧯 If You Can't Patch

  • Restrict samurai usage to trusted users only
  • Implement strict input validation for build files before processing

🔍 How to Verify

Check if Vulnerable:

Check samurai version: 'samu --version' should show 0.7

Check Version:

samu --version

Verify Fix Applied:

After upgrade, 'samu --version' should show 0.8 or higher

📡 Detection & Monitoring

Log Indicators:

  • Samurai process crashes with segmentation fault
  • Unusual build file paths or patterns

Network Indicators:

  • Not applicable - local tool exploitation

SIEM Query:

Process name:samu AND (ExitCode:139 OR Signal:SIGSEGV)
