CVE-2016-5104
First published: Thu May 26 2016(Updated: )
It was found that libimobiledevice and libusbmuxd libraries accidentally bound a listening IPv4 TCP socket to INADDR_ANY instead of INADDR_LOOPBACK. This socket is used to communicate with services on an iOS device. The impact is accidental exposure of the iOS device to attackers on the local network. The RHEL workstation itself is not exposed, nor is there an easy escalation for attackers to gain access to the host. Upstream patches: libusbmuxd: <a href="https://github.com/libimobiledevice/libusbmuxd/commit/4397b3376dc4e4cb1c991d0aed61ce6482614196">https://github.com/libimobiledevice/libusbmuxd/commit/4397b3376dc4e4cb1c991d0aed61ce6482614196</a> libimobiledevice: <a href="https://github.com/libimobiledevice/libimobiledevice/commit/df1f5c4d70d0c19ad40072f5246ca457e7f9849e">https://github.com/libimobiledevice/libimobiledevice/commit/df1f5c4d70d0c19ad40072f5246ca457e7f9849e</a> CVE request: <a href="http://seclists.org/oss-sec/2016/q2/410">http://seclists.org/oss-sec/2016/q2/410</a>
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| libimobiledevice and libplist | <=1.2.0 | |
| libusbmuxd | <=1.0.10 | |
| Ubuntu Linux | =14.04 | |
| Ubuntu Linux | =15.10 | |
| Ubuntu Linux | =16.04 | |
| SUSE openSUSE | =42.1 | |
| openSUSE libeconf | =13.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://github.com/libimobiledevice/libusbmuxd/commit/4397b3376dc4e4cb1c991d0aed61ce6482614196
- https://github.com/libimobiledevice/libimobiledevice/commit/df1f5c4d70d0c19ad40072f5246ca457e7f9849e
- http://seclists.org/oss-sec/2016/q2/410
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1339990
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1339991
- http://seclists.org/oss-sec/2016/q2/415
- https://bugzilla.redhat.com/show_bug.cgi?id=1339988
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00042.html
- http://lists.opensuse.org/opensuse-updates/2016-06/msg00029.html
- http://www.openwall.com/lists/oss-security/2016/05/26/1
- http://www.openwall.com/lists/oss-security/2016/05/26/6
- http://www.ubuntu.com/usn/USN-3026-1
- http://www.ubuntu.com/usn/USN-3026-2
- https://lists.debian.org/debian-lts-announce/2020/02/msg00027.html
- https://lists.debian.org/debian-lts-announce/2020/02/msg00028.html
Frequently Asked Questions
What is the severity of CVE-2016-5104?
The severity of CVE-2016-5104 is classified as medium, due to the risk of local network exposure.
How do I fix CVE-2016-5104?
To fix CVE-2016-5104, update the libimobiledevice and libusbmuxd libraries to versions 1.2.1 and 1.0.11 or later.
Who is affected by CVE-2016-5104?
CVE-2016-5104 affects users of libimobiledevice and libusbmuxd on Ubuntu and openSUSE systems.
What does CVE-2016-5104 vulnerability expose?
CVE-2016-5104 exposes an iOS device to unauthorized access from local network attackers.
Is there a workaround for CVE-2016-5104?
A temporary workaround for CVE-2016-5104 is to restrict access to the affected services using firewall rules.
- agent/type
- agent/first-publish-date
- agent/references
- agent/author
- agent/weakness
- agent/severity
- agent/description
- collector/mitre-cve
- source/MITRE
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2016-5104
- agent/last-modified-date
- agent/event
- agent/trending
- agent/source
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- vendor/libimobiledevice
- canonical/libimobiledevice and libplist
- version/libimobiledevice and libplist/1.2.0
- canonical/libusbmuxd
- version/libusbmuxd/1.0.10
- vendor/canonical
- canonical/ubuntu linux
- version/ubuntu linux/14.04
- version/ubuntu linux/15.10
- version/ubuntu linux/16.04
- vendor/opensuse
- canonical/suse opensuse
- version/suse opensuse/42.1
- canonical/opensuse libeconf
- version/opensuse libeconf/13.2