Hello Salvatore Bonaccorso,

On 2026-05-13 20:46, Salvatore Bonaccorso wrote:
> Hi,
> 
> The following vulnerabilities were published for bettercap.
> 
> CVE-2026-8275[0]:
> | A vulnerability was detected in bettercap up to 2.41.5. Affected by
> | this vulnerability is the function ippReadChunkedBody of the file
> | modules/zerogod/zerogod_ipp_primitives.go of the component zerogod
> | IPP Service. Performing a manipulation results in integer coercion
> | error. The attack can be initiated remotely. The attack is
> | considered to have high complexity. The exploitation appears to be
> | difficult. The exploit is now public and may be used. The patch is
> | named 3731d5576cffae9eefe3721cd46a40933304129f. To fix this issue,
> | it is recommended to deploy a patch.
> 

The vulnerability is located in the "zerogod" module. However, this module was
introduced later in commit "51a5b4ad6ea917d40f92861fbc1afcfa5a9af6bb"
(Thu Sep 19 21:49:02 2024 +0200):

https://github.com/bettercap/bettercap/commit/51a5b4ad6ea917d40f92861fbc1afcfa5a9af6bb

Our package is based on the bettercap v2.33.0 release, corresponding to commit
"9937e797ae40a418ec40836d306af04beff017a4" (Fri Aug 9 11:25:32 2024 +0200):

https://github.com/bettercap/bettercap/commit/9937e797ae40a418ec40836d306af04beff017a4

This commit predates the introduction of the "zerogod" module. As a result, the
vulnerable code is not present in the version we package.

Therefore, I believe this CVE is not applicable to our package.

> 
> CVE-2026-8276[1]:
> | A flaw has been found in bettercap up to 2.41.5. Affected by this
> | issue is some unknown functionality of the file
> | modules/mysql_server/mysql_server.go of the component MySQL Server.
> | Executing a manipulation can lead to integer coercion error. The
> | attack can be launched remotely. The attack requires a high level of
> | complexity. The exploitation is known to be difficult. The exploit
> | has been published and may be used. This patch is called
> | 0eaa375c5e5446bfba94a290eff92967a5deac9e. It is advisable to
> | implement a patch to correct this issue.
> 

This bug has already been addressed in our package. We have applied the 
corresponding
patch in our packaging as commit 0df58045cd294e871fd3227526ac79997410ca00 in 
Salsa.

Regards
-- 
Francisco Vilmar Cardoso Ruviaro <[email protected]>
4096R: 1B8C F656 EF3B 8447 2F48 F0E7 82FB F706 0B2F 7D00

Reply via email to