Bug 829650 (CVE-2021-44847) - <net-libs/tox-0.2.13: remote code execution
Summary: <net-libs/tox-0.2.13: remote code execution
Status: RESOLVED FIXED
Alias: CVE-2021-44847
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal normal
Assignee: Gentoo Security
URL: https://blog.tox.chat/2021/12/stack-b...
Whiteboard: B2 [glsa+]
Keywords: PullRequest
Depends on: 833802
Blocks:
Reported: 2021-12-19 21:12 UTC by John Helmert III
Modified: 2024-03-03 10:37 UTC (History)

See Also:
Package list:
Runtime testing required: ---


Attachments

Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2021-12-19 21:12:05 UTC
CVE-2021-44847 (https://github.com/TokTok/c-toxcore/pull/1718):

A stack-based buffer overflow in handle_request function in DHT.c in toxcore 0.1.9 through 0.1.11 and 0.2.0 through 0.2.12 (caused by an improper length calculation during the handling of received network packets) allows remote attackers to crash the process or potentially execute arbitrary code via a network packet.

Please bump to 0.2.13.
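The CVE text above describes the classic shape of this bug class: a handler copies a received payload into a fixed-size stack buffer using a length that was not properly checked against either the buffer or the bytes actually received. The following is an added illustration of the defensive pattern, not code from toxcore or from the fixing pull request; the packet layout, constants and function names (`handle_request_checked`, `run_constructed_cases`) are constructed for this example and bear no relation to the real DHT.c wire format.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed, illustrative packet layout (NOT toxcore's DHT.c format):
 *   byte 0   : packet type
 *   byte 1   : payload length claimed by the sender
 *   byte 2.. : payload bytes
 */
#define HDR_LEN     2
#define MAX_PAYLOAD 64

enum { PKT_OK = 0, PKT_ERR_SHORT = -1, PKT_ERR_LEN = -2 };

/* Hardened handler. The unchecked pattern it replaces would be something
 * like memcpy(out, pkt + HDR_LEN, pkt[1]) with no validation: a remote
 * sender then controls how many bytes land in a 64-byte stack buffer.
 * Here every length used for copying is checked against both the
 * destination size and the number of bytes actually received. */
int handle_request_checked(const uint8_t *pkt, size_t pkt_len,
                           uint8_t out[MAX_PAYLOAD], size_t *out_len)
{
    if (pkt == NULL || out == NULL || out_len == NULL) return PKT_ERR_SHORT;

    /* 1. The header must be fully present before any field is read. */
    if (pkt_len < HDR_LEN) return PKT_ERR_SHORT;

    size_t claimed = pkt[1];

    /* 2. The claimed length must fit in the fixed-size destination. */
    if (claimed > MAX_PAYLOAD) return PKT_ERR_LEN;

    /* 3. It must also not exceed what was actually received; doing the
     *    subtraction only after check 1 prevents size_t underflow. */
    if (claimed > pkt_len - HDR_LEN) return PKT_ERR_LEN;

    memcpy(out, pkt + HDR_LEN, claimed);
    *out_len = claimed;
    return PKT_OK;
}

/* Constructed test packets exercising each rejection path. Returns the
 * number of cases that behaved as expected (4 when all pass). */
int run_constructed_cases(void)
{
    uint8_t out[MAX_PAYLOAD];
    size_t n = 0;
    int passed = 0;

    /* Well-formed: type 1, 3 payload bytes, exactly 3 bytes present. */
    const uint8_t valid[] = {1, 3, 'a', 'b', 'c'};
    if (handle_request_checked(valid, sizeof valid, out, &n) == PKT_OK &&
        n == 3 && memcmp(out, "abc", 3) == 0)
        passed++;

    /* Claimed length larger than the destination buffer. */
    const uint8_t oversized[] = {1, 200};
    if (handle_request_checked(oversized, sizeof oversized, out, &n) == PKT_ERR_LEN)
        passed++;

    /* Claimed length larger than the bytes actually received (truncated). */
    const uint8_t truncated[] = {1, 10, 'x'};
    if (handle_request_checked(truncated, sizeof truncated, out, &n) == PKT_ERR_LEN)
        passed++;

    /* Shorter than the header itself. */
    const uint8_t tiny[] = {1};
    if (handle_request_checked(tiny, sizeof tiny, out, &n) == PKT_ERR_SHORT)
        passed++;

    return passed;
}

int main(void)
{
    printf("%d of 4 constructed cases handled correctly\n", run_constructed_cases());
    return 0;
}
```

The point of the three ordered checks is that neither the header's length field nor the socket-reported size is trusted on its own: the copy length must be bounded by both. Fuzzing a handler like this with truncated and oversized inputs, under AddressSanitizer, is the cheapest way to catch the unchecked variant before it ships.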
Comment 1 Larry the Git Cow gentoo-dev 2022-01-07 05:14:54 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f507f98aca30fe012a14ee6060a9001766aae94a

commit f507f98aca30fe012a14ee6060a9001766aae94a
Author:     Josiah Mullins <JoMull01@protonmail.com>
AuthorDate: 2021-12-21 21:22:45 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2022-01-07 05:06:17 +0000

    net-libs/tox: Bump to version 0.2.13.
    
    Signed-off-by: Josiah Mullins <JoMull01@protonmail.com>
    Bug: https://bugs.gentoo.org/829650
    Signed-off-by: Sam James <sam@gentoo.org>

 net-libs/tox/Manifest          |   1 +
 net-libs/tox/tox-0.2.13.ebuild | 114 +++++++++++++++++++++++++++++++++++++++++
 2 files changed, 115 insertions(+)
Comment 2 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2022-01-07 05:25:59 UTC
Please file a stable bug & block this one when ready, thanks!
Comment 3 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-02-21 21:27:57 UTC
Thanks, please clean up!
Comment 4 Larry the Git Cow gentoo-dev 2022-06-16 16:32:49 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=55df72a6b4a3e019e583cbb3ed8682b18ad69fc3

commit 55df72a6b4a3e019e583cbb3ed8682b18ad69fc3
Author:     Josiah Mullins <JoMull01@protonmail.com>
AuthorDate: 2022-06-15 21:27:01 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2022-06-16 16:31:51 +0000

    net-libs/tox: Removed old version 0.2.12-r1
    
    Bug: https://bugs.gentoo.org/829650
    
    Signed-off-by: Josiah Mullins <JoMull01@protonmail.com>
    Signed-off-by: Sam James <sam@gentoo.org>

 net-libs/tox/Manifest             |   1 -
 net-libs/tox/tox-0.2.12-r1.ebuild | 115 --------------------------------------
 2 files changed, 116 deletions(-)
Comment 5 Larry the Git Cow gentoo-dev 2024-03-03 10:06:56 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=6aa77730901db859e62584749cd973266fe7fffb

commit 6aa77730901db859e62584749cd973266fe7fffb
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2024-03-03 10:05:56 +0000
Commit:     Hans de Graaff <graaff@gentoo.org>
CommitDate: 2024-03-03 10:06:50 +0000

    [ GLSA 202403-01 ] Tox: Remote Code Execution
    
    Bug: https://bugs.gentoo.org/829650
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: Hans de Graaff <graaff@gentoo.org>

 glsa-202403-01.xml | 42 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 42 insertions(+)