VULHUB ™

MTR is reported prone to an off-by-one buffer overflow vulnerability. The issue is present in the mtr_curses_keyaction() function for the key bindings 's', 'b', 'Q', 'i', 'f', 'm' and 'o'. Exploitation of this vulnerability could allow a local attacker to hijack a raw socket. The possibility of successful exploitation may depend on certain properties of the underlying environment, including the architecture and the compiler version used. These factors may limit the possibility of exploiting the condition to corrupt a sensitive value in memory.

MTR is reported prone to an off-by-one buffer overflow vulnerability. The issue is present in the mtr_curses_keyaction() function for the key bindings 's', 'b', 'Q', 'i', 'f', 'm' and 'o'. Exploitation of this vulnerability could allow a local attacker to hijack a raw socket. The possibility of successful exploitation may depend on certain properties of the underlying environment, including the architecture and the compiler version used. These factors may limit the possibility of exploiting the condition to corrupt a sensitive value in memory.