Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 701810 (CVE-2019-18609) - <net-libs/rabbitmq-c-0.10.0: Integer overflow in amqp_handle_input in amqp_connection.c (CVE-2019-18609)
Summary: <net-libs/rabbitmq-c-0.10.0: Integer overflow in amqp_handle_input in amqp_co...
Status: RESOLVED FIXED
Alias: CVE-2019-18609
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B2 [glsa+ cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2019-12-02 22:07 UTC by GLSAMaker/CVETool Bot
Modified: 2020-03-13 02:50 UTC (History)
0 users

See Also:
Package list:
net-libs/rabbitmq-c-0.10.0
Runtime testing required: ---
stable-bot: sanity-check+

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description GLSAMaker/CVETool Bot gentoo-dev 2019-12-02 22:07:30 UTC 
CVE-2019-18609 (https://nvd.nist.gov/vuln/detail/CVE-2019-18609):
  An issue was discovered in amqp_handle_input in amqp_connection.c in
  rabbitmq-c 0.9.0. There is an integer overflow that leads to heap memory
  corruption in the handling of CONNECTION_STATE_HEADER. A rogue server could
  return a malicious frame header that leads to a smaller target_size value
  than needed. This condition is then carried on to a memcpy function that
  copies too much data into a heap buffer.
Comment 1 Aaron Bauman (RETIRED) gentoo-dev 2019-12-03 04:23:27 UTC 
arm64 stable
Comment 2 Agostino Sarubbo gentoo-dev 2019-12-03 10:04:54 UTC 
amd64 stable
Comment 3 Agostino Sarubbo gentoo-dev 2019-12-03 10:08:34 UTC 
sparc stable
Comment 4 Agostino Sarubbo gentoo-dev 2019-12-03 11:56:58 UTC 
ia64 stable
Comment 5 Agostino Sarubbo gentoo-dev 2019-12-03 11:59:24 UTC 
ppc64 stable
Comment 6 Rolf Eike Beer archtester 2019-12-08 11:12:21 UTC 
hppa stable
Comment 7 Agostino Sarubbo gentoo-dev 2019-12-10 10:55:41 UTC 
ppc stable
Comment 8 Thomas Deutschmann (RETIRED) gentoo-dev 2019-12-13 00:09:16 UTC 
x86 stable
Comment 9 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2019-12-24 14:48:00 UTC 
arm stable
Comment 10 Larry the Git Cow gentoo-dev 2019-12-26 15:15:20 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d77087bbc1076b2c3aab19e4649e6c6fbacb6d9b

commit d77087bbc1076b2c3aab19e4649e6c6fbacb6d9b
Author:     Thomas Deutschmann <whissi@gentoo.org>
AuthorDate: 2019-12-26 15:14:28 +0000
Commit:     Thomas Deutschmann <whissi@gentoo.org>
CommitDate: 2019-12-26 15:14:28 +0000

    net-libs/rabbitmq-c: security cleanup
    
    Bug: https://bugs.gentoo.org/701810
    Package-Manager: Portage-2.3.83, Repoman-2.3.20
    Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>

 net-libs/rabbitmq-c/Manifest                |  1 -
 net-libs/rabbitmq-c/rabbitmq-c-0.9.0.ebuild | 55 -----------------------------
 2 files changed, 56 deletions(-)
Comment 11 Thomas Deutschmann (RETIRED) gentoo-dev 2019-12-26 15:19:11 UTC 
New GLSA request filed.
Comment 12 GLSAMaker/CVETool Bot gentoo-dev 2020-03-13 02:50:52 UTC 
This issue was resolved and addressed in
 GLSA 202003-07 at https://security.gentoo.org/glsa/202003-07
by GLSA coordinator Thomas Deutschmann (whissi).