Hello Salvatore Bonaccorso, On 2026-05-13 20:46, Salvatore Bonaccorso wrote: > Hi, > > The following vulnerabilities were published for bettercap. > > CVE-2026-8275[0]: > | A vulnerability was detected in bettercap up to 2.41.5. Affected by > | this vulnerability is the function ippReadChunkedBody of the file > | modules/zerogod/zerogod_ipp_primitives.go of the component zerogod > | IPP Service. Performing a manipulation results in integer coercion > | error. The attack can be initiated remotely. The attack is > | considered to have high complexity. The exploitation appears to be > | difficult. The exploit is now public and may be used. The patch is > | named 3731d5576cffae9eefe3721cd46a40933304129f. To fix this issue, > | it is recommended to deploy a patch. >
The vulnerability is located in the "zerogod" module. However, this module was introduced later in commit "51a5b4ad6ea917d40f92861fbc1afcfa5a9af6bb" (Thu Sep 19 21:49:02 2024 +0200): https://github.com/bettercap/bettercap/commit/51a5b4ad6ea917d40f92861fbc1afcfa5a9af6bb Our package is based on the bettercap v2.33.0 release, corresponding to commit "9937e797ae40a418ec40836d306af04beff017a4" (Fri Aug 9 11:25:32 2024 +0200): https://github.com/bettercap/bettercap/commit/9937e797ae40a418ec40836d306af04beff017a4 This commit predates the introduction of the "zerogod" module. As a result, the vulnerable code is not present in the version we package. Therefore, I believe this CVE is not applicable to our package. > > CVE-2026-8276[1]: > | A flaw has been found in bettercap up to 2.41.5. Affected by this > | issue is some unknown functionality of the file > | modules/mysql_server/mysql_server.go of the component MySQL Server. > | Executing a manipulation can lead to integer coercion error. The > | attack can be launched remotely. The attack requires a high level of > | complexity. The exploitation is known to be difficult. The exploit > | has been published and may be used. This patch is called > | 0eaa375c5e5446bfba94a290eff92967a5deac9e. It is advisable to > | implement a patch to correct this issue. > This bug has already been addressed in our package. We have applied the corresponding patch in our packaging as commit 0df58045cd294e871fd3227526ac79997410ca00 in Salsa. Regards -- Francisco Vilmar Cardoso Ruviaro <[email protected]> 4096R: 1B8C F656 EF3B 8447 2F48 F0E7 82FB F706 0B2F 7D00

