CVE-2022-1534

7.1 HIGH

📋 TL;DR

CVE-2022-1534 is a buffer over-read vulnerability in libmobi's parse_rawml.c that allows reading memory beyond allocated buffers. This can lead to information disclosure or application crashes. Anyone using libmobi to process MOBI eBook files is potentially affected.

💻 Affected Systems

Products:
  • libmobi
Versions: All versions prior to 0.11
Operating Systems: All platforms where libmobi is used
Default Config Vulnerable: ⚠️ Yes
Notes: Any application or service using libmobi to parse MOBI files is vulnerable.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could read sensitive information from memory, potentially exposing credentials, keys, or other confidential data, leading to further system compromise.

🟠 Likely Case

Application crash (denial of service) or limited information disclosure from adjacent memory regions.

🟢 If Mitigated

With proper input validation and memory protections, impact is limited to application instability without data compromise.

🌐 Internet-Facing: MEDIUM - Exploitation requires processing malicious MOBI files, which could be uploaded to web services using libmobi.
🏢 Internal Only: LOW - Requires local file processing or specific workflows involving MOBI files.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires crafting a malicious MOBI file. Public proof-of-concept exists in the commit reference.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 0.11 and later

Vendor Advisory: https://github.com/bfabiszewski/libmobi/commit/fb1ab50e448ddbed746fd27ae07469bc506d838b

Restart Required: Yes

Instructions:

1. Update libmobi to version 0.11 or later.
2. Recompile any applications using libmobi.
3. Restart affected services.

🔧 Temporary Workarounds

Input validation (all platforms):

Implement strict validation of MOBI file inputs before processing

Memory protection (linux):

Enable ASLR and other memory protection mechanisms

echo 2 > /proc/sys/kernel/randomize_va_space

Note: this write requires root and does not persist across reboots; use a sysctl.d drop-in to keep it. Value 2 is already the default on most Linux distributions, and ASLR does not prevent the over-read itself, it only limits what an attacker can do with leaked data.

🧯 If You Can't Patch

  • Restrict upload/processing of MOBI files to trusted sources only
  • Isolate libmobi processes in containers or sandboxes

🔍 How to Verify

Check if Vulnerable:

Check libmobi version: if < 0.11, vulnerable

Check Version:

pkg-config --modversion libmobi 2>/dev/null || echo 'Check application dependencies'

Verify Fix Applied:

Verify libmobi version is 0.11 or later and test with known malicious MOBI files
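As an added example (not part of this advisory or of libmobi), a POSIX shell script that turns the version rule above into an actual comparison: it takes the version pkg-config reports, or one passed on the command line, and classifies it against the fixed release 0.11. pkg-config only knows about libmobi when its .pc file is installed, so a statically linked or vendored copy still has to be checked from the application's dependency manifest.

```shell
#!/bin/sh
# Added example, not from the advisory: classify an installed libmobi version
# against the CVE-2022-1534 fix release (0.11). Plain POSIX sh, no GNU sort -V.
FIXED_VERSION="0.11"

# version_lt A B: succeed (exit 0) when dot-separated version A sorts before B.
# Missing fields count as 0 (0.11 == 0.11.0); trailing non-digits are ignored.
version_lt() {
    a="$1"; b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        fa=${a%%.*}; fb=${b%%.*}                        # current field of each version
        case "$a" in *.*) a=${a#*.} ;; *) a="" ;; esac  # drop it from the remainder
        case "$b" in *.*) b=${b#*.} ;; *) b="" ;; esac
        fa=$(printf '%s' "$fa" | sed 's/[^0-9].*//')    # "11rc1" -> "11"
        fb=$(printf '%s' "$fb" | sed 's/[^0-9].*//')
        [ "${fa:-0}" -lt "${fb:-0}" ] && return 0
        [ "${fa:-0}" -gt "${fb:-0}" ] && return 1
    done
    return 1                                            # equal: not less-than
}

# is_vulnerable VERSION: succeed when VERSION predates the fix.
is_vulnerable() {
    version_lt "$1" "$FIXED_VERSION"
}

# report VERSION: one human-readable status line; always exits 0.
report() {
    if is_vulnerable "$1"; then
        echo "libmobi $1: VULNERABLE to CVE-2022-1534 (fixed in $FIXED_VERSION)"
    else
        echo "libmobi $1: not affected (>= $FIXED_VERSION)"
    fi
}

# Usage: sh check_libmobi.sh         -> inspect the library pkg-config finds
#        sh check_libmobi.sh 0.10    -> classify a version string by hand
if [ -n "${1:-}" ]; then
    report "$1"
elif v=$(pkg-config --modversion libmobi 2>/dev/null); then
    report "$v"
else
    echo "libmobi not found via pkg-config; check application dependencies" >&2
fi
```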

📡 Detection & Monitoring

Log Indicators:

  • Application crashes when processing MOBI files
  • Memory access violation errors

Network Indicators:

  • Unusual MOBI file uploads to web services

SIEM Query:

process_name:"libmobi" AND (event_type:crash OR error_message:"buffer over-read")

Note: libmobi is a library, so the crashing process will normally carry the name of the application linked against it rather than "libmobi"; substitute that process name in the query.
