Unrated severityNVD Advisory· Published Dec 3, 2019· Updated Aug 4, 2024
CVE-2019-5164
CVE-2019-5164
Description
An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev 3.3.2. Specially crafted network packets sent to ss-manager can cause an arbitrary binary to run, resulting in code execution and privilege escalation. An attacker can send network packets to trigger this vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5- Shadowsocks-libev/Shadowsocks-libevdescription
- Range: = 3.3.2
- osv-coords3 versionspkg:rpm/opensuse/shadowsocks-libev&distro=openSUSE%20Leap%2015.1pkg:rpm/opensuse/shadowsocks-libev&distro=openSUSE%20Tumbleweedpkg:rpm/suse/shadowsocks-libev&distro=SUSE%20Package%20Hub%2015%20SP1
< 3.3.3-lp151.2.3.1+ 2 more
- (no CPE)range: < 3.3.3-lp151.2.3.1
- (no CPE)range: < 3.3.5-1.9
- (no CPE)range: < 3.3.3-bp151.5.3.1
Patches
Vulnerability mechanics
References
3- lists.opensuse.org/opensuse-security-announce/2019-12/msg00023.htmlmitrevendor-advisoryx_refsource_SUSE
- lists.opensuse.org/opensuse-security-announce/2020-01/msg00061.htmlmitrevendor-advisoryx_refsource_SUSE
- talosintelligence.com/vulnerability_reports/TALOS-2019-0958mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.