Bug 1075965 - (CVE-2018-5704) VUL-0: CVE-2018-5704: openocd: Cross-protocol scripting vulnerability in telnet interface
VUL-0: CVE-2018-5704: openocd: Cross-protocol scripting vulnerability in teln...
Status: NEW
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
All All
: P3 - Medium : Normal
: ---
Assigned To: Andreas Färber
Security Team bot
Depends on:
  Show dependency treegraph
Reported: 2018-01-15 10:54 UTC by Andreas Färber
Modified: 2018-01-16 20:47 UTC (History)
5 users (show)

See Also:
Found By: Third Party Developer/Partner
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Andreas Färber 2018-01-15 10:54:24 UTC
On openocd-devel mailing list it has publicly been reported on Jan 12, 2018 that due to insufficient checks for unknown commands it is possible for a web browser to access a running OpenOCD telnet interface and potentially execute Tcl commands accessing USB- or network-attached JTAG programmers and therefore potentially reading and/or corrupting connected flash chips or on-chip flash of connected microcontrollers.


All past versions of OpenOCD will be affected.
This will mainly affect openSUSE code streams.
Comment 2 Andreas Färber 2018-01-15 15:36:31 UTC
The following upstream patches seem related:

http://openocd.zylin.com/4330 (server: telnet: fix comparison between signed and unsigned warning)
http://openocd.zylin.com/4331 (server: bind to IPv4 localhost by default)

http://openocd.zylin.com/4335 (Prevent some forms of Cross Protocol Scripting attacks)
Comment 6 Marcus Meissner 2018-01-15 16:39:28 UTC
cve requested from mitre.
Comment 7 Marcus Meissner 2018-01-16 06:56:02 UTC
CVE-2018-5704 assigned by Mitre.