CVE-2020-11105

9.8 CRITICAL

📋 TL;DR

CVE-2020-11105 is a critical vulnerability in the USC iLab cereal library (up to version 1.3.0) in which serialized std::shared_ptr objects can become corrupted when memory addresses are reused. This can lead to data corruption, crashes, or potentially arbitrary code execution, depending on how the serialization is used. Any application using the affected cereal library versions for serialization is vulnerable.
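A simplified model of the failure mode described above, as an added example (not cereal's code and not taken from the advisory). It assumes the output archive identifies each shared pointer by its raw address; `Pool`, `Archive` and `run` are hypothetical names, and the hardened variant shows one mitigation pattern (the archive holding its own reference), not necessarily the upstream patch.

```cpp
// Simplified model of address-keyed shared_ptr tracking; NOT cereal's code.
#include <cstdint>
#include <map>
#include <memory>
#include <new>
#include <vector>

// Constructed two-slot pool: lowest free slot first, so address reuse is deterministic.
struct Pool {
    alignas(int) unsigned char slot[2][sizeof(int)];
    bool used[2] = {false, false};
    std::shared_ptr<int> make(int v) {
        int i = used[0] ? 1 : 0;
        used[i] = true;
        return std::shared_ptr<int>(new (slot[i]) int(v),
                                    [this, i](int*) { used[i] = false; });
    }
};

// Hypothetical archive: a new address gets a fresh id and its payload is
// written; a known address becomes a back-reference with no payload.
struct Archive {
    bool keep_alive;                                  // true = hardened variant
    std::map<const void*, std::uint32_t> ids;
    std::vector<std::shared_ptr<const void>> pinned;  // owners held by the archive
    std::vector<int> payloads;                        // values actually written
    std::uint32_t save(const std::shared_ptr<int>& p) {
        auto it = ids.find(p.get());
        if (it != ids.end()) return it->second;       // "already serialized"
        if (keep_alive) pinned.push_back(p);          // address cannot be recycled
        payloads.push_back(*p);
        std::uint32_t id = static_cast<std::uint32_t>(ids.size() + 1);
        ids[p.get()] = id;
        return id;
    }
};

struct Result { std::uint32_t id_a, id_b; std::vector<int> written; };
// Two distinct objects are saved; the caller releases the first in between.
Result run(bool keep_alive) {
    Pool pool;                    // declared first so it outlives the archive
    Archive ar{keep_alive, {}, {}, {}};
    auto a = pool.make(1);
    std::uint32_t id_a = ar.save(a);
    a.reset();                    // last caller reference dropped
    auto b = pool.make(2);        // naive: reuses a's address
    std::uint32_t id_b = ar.save(b);
    return {id_a, id_b, ar.payloads};
}
```

With `keep_alive` false, the second object is recorded as a back-reference to the first and its value never reaches the output; with it true, both values are written under distinct ids.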

💻 Affected Systems

Products:
  • USC iLab cereal library
Versions: All versions through 1.3.0
Operating Systems: All operating systems using cereal library
Default Config Vulnerable: ⚠️ Yes
Notes: Any application using cereal's shared_ptr serialization functionality is affected regardless of configuration.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Remote code execution or complete system compromise if serialization is used in security-critical contexts like authentication or deserialization of untrusted data.

🟠 Likely Case

Application crashes, data corruption, or unexpected behavior when serializing/deserializing shared pointer objects.

🟢 If Mitigated

Limited impact if serialization is only used internally with trusted data and proper input validation.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Proof of concept demonstrates the memory corruption issue. Exploitation depends on how serialization is used in specific applications.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Versions after 1.3.0

Vendor Advisory: https://github.com/USCiLab/cereal/issues/636

Restart Required: Yes

Instructions:

1. Update the cereal library to a version after 1.3.0.
2. Recompile all applications using cereal.
3. Restart affected services.

🔧 Temporary Workarounds

Avoid shared_ptr serialization

Modify code to avoid serializing std::shared_ptr objects using cereal

🧯 If You Can't Patch

  • Isolate systems using vulnerable cereal library from untrusted networks
  • Implement strict input validation for all serialized data

🔍 How to Verify

Check if Vulnerable:

Check if application links against cereal library version <= 1.3.0

Check Version:

Check build configuration or dependency files for cereal version

Verify Fix Applied:

Verify cereal library version is > 1.3.0 and application has been recompiled

📡 Detection & Monitoring

Log Indicators:

  • Application crashes during serialization/deserialization
  • Memory corruption errors in logs

Network Indicators:

  • Unexpected serialization traffic patterns

SIEM Query:

Search for process crashes containing 'cereal' or 'serialization' in error messages
