Bugzilla – Bug 1075965
VUL-0: CVE-2018-5704: openocd: Cross-protocol scripting vulnerability in telnet interface
Last modified: 2018-01-16 20:47:50 UTC
On the openocd-devel mailing list it was publicly reported on Jan 12, 2018 that, due to insufficient checks for unknown commands, it is possible for a web browser to access a running OpenOCD telnet interface and potentially execute Tcl commands accessing USB- or network-attached JTAG programmers, and therefore potentially read and/or corrupt connected flash chips or the on-chip flash of connected microcontrollers.
All past versions of OpenOCD will be affected.
This will mainly affect openSUSE code streams.
The following upstream patches seem related:
http://openocd.zylin.com/4330 (server: telnet: fix comparison between signed and unsigned warning)
http://openocd.zylin.com/4331 (server: bind to IPv4 localhost by default)
http://openocd.zylin.com/4335 (Prevent some forms of Cross Protocol Scripting attacks)
CVE requested from MITRE.
CVE-2018-5704 assigned by MITRE.
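The report attributes the problem to a line-oriented console that skips unknown commands, so the lines of an HTTP request are ignored one by one until a valid command appears. The following is an added illustration, not code from OpenOCD or from the upstream patches: it contrasts that lenient behaviour with a console that ends the session at the first HTTP-looking line. The command name `version`, the prefix list and the sample request are constructed assumptions.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define KNOWN_CMD "version" /* hypothetical stand-in for any valid console command */

/* Prefixes that mark an HTTP request line or the Host header (assumed list). */
static const char *const http_prefixes[] = { "GET ", "POST ", "HEAD ", "PUT ", "OPTIONS ", "Host:" };

/* Constructed sample: a browser form POST as a line-oriented reader sees it. */
static const char *const sample[] = {
    "POST / HTTP/1.1", "Host: localhost", "Content-Type: text/plain", "", KNOWN_CMD };
#define SAMPLE_LEN (sizeof sample / sizeof *sample)

/* True if the line starts like HTTP traffic rather than a console command. */
static bool looks_like_http(const char *line)
{
    for (size_t i = 0; i < sizeof http_prefixes / sizeof *http_prefixes; i++)
        if (strncmp(line, http_prefixes[i], strlen(http_prefixes[i])) == 0)
            return true;
    return false;
}

/* Feed lines to the console and return how many commands were dispatched.
 * strict == false skips unknown lines; strict == true ends the session at
 * the first HTTP-looking line and reports that through *aborted. */
static int run_session(const char *const *lines, size_t n, bool strict, bool *aborted)
{
    int dispatched = 0;
    *aborted = false;
    for (size_t i = 0; i < n; i++) {
        if (strict && looks_like_http(lines[i])) {
            *aborted = true;    /* close the connection, run nothing further */
            break;
        }
        if (strcmp(lines[i], KNOWN_CMD) == 0)
            dispatched++;       /* stand-in for handing the line to the interpreter */
    }
    return dispatched;
}

int main(void)
{
    bool aborted;
    int n = run_session(sample, SAMPLE_LEN, false, &aborted);
    printf("lenient: dispatched=%d aborted=%d\n", n, aborted);
    n = run_session(sample, SAMPLE_LEN, true, &aborted);
    printf("strict:  dispatched=%d aborted=%d\n", n, aborted);
    return 0;
}
```

A prefix check like this only covers the request shapes it lists, which is consistent with the upstream patch title speaking of "some forms" of cross-protocol scripting.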