CVE-2016-5104

The socket_create function in common/socket.c in libimobiledevice and libusbmuxd allows remote attackers to bypass intended access restrictions and communicate with services on iOS devices by connecting to an IPv4 TCP socket.

References

Affected packages

Debian:11 / libimobiledevice

Package

Name: libimobiledevice
Purl: pkg:deb/debian/libimobiledevice?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.2.0+dfsg-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / libimobiledevice

Package

Name: libimobiledevice
Purl: pkg:deb/debian/libimobiledevice?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.2.0+dfsg-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / libimobiledevice

Package

Name: libimobiledevice
Purl: pkg:deb/debian/libimobiledevice?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.2.0+dfsg-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:11 / libusbmuxd

Package

Name: libusbmuxd
Purl: pkg:deb/debian/libusbmuxd?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.0.10-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / libusbmuxd

Package

Name: libusbmuxd
Purl: pkg:deb/debian/libusbmuxd?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.0.10-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / libusbmuxd

Package

Name: libusbmuxd
Purl: pkg:deb/debian/libusbmuxd?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.0.10-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/libimobiledevice/libimobiledevice

Affected ranges

Type: GIT
Repo: https://github.com/libimobiledevice/libimobiledevice
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

df1f5c4d70d0c19ad40072f5246ca457e7f9849e

Fixed

df1f5c4d70d0c19ad40072f5246ca457e7f9849e

Type: GIT
Repo: https://github.com/libimobiledevice/libusbmuxd
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

4397b3376dc4e4cb1c991d0aed61ce6482614196

Fixed

4397b3376dc4e4cb1c991d0aed61ce6482614196

Affected versions

0.*

0.9.0

0.9.1

0.9.2

0.9.3

0.9.4

0.9.5

0.9.6

0.9.7

1.*

1.0.0

1.0.10

1.0.9

1.1.0

1.1.1

1.1.2

1.1.3

1.1.4

1.1.5

1.1.6

1.1.7

1.2.0