
Bug 446822 (CVE-2012-6303)

Summary: <dev-tcltk/snack-2.2.10-r5: Buffer overflow via specially crafted WAV files (CVE-2012-6303)
Product: Gentoo Security
Reporter: Sean Amoss (RETIRED) <ackle>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: RESOLVED FIXED
Severity: normal
CC: tcltk
Priority: Normal
Version: unspecified
Hardware: All
OS: Linux
URL: http://www.openwall.com/lists/oss-security/2012/12/10/2
Whiteboard: B2 [glsa]
Package list:
Runtime testing required: ---
Attachments:
Script to generate the wav file (flags: none)
script to trigger the DOS or check for its fix. (flags: none)

Description Sean Amoss (RETIRED) gentoo-dev Security 2012-12-11 01:25:15 UTC
As per $URL, MITRE has assigned CVE-2012-6303 to buffer overflow vulnerabilities in Snack which could result in user-assisted execution of arbitrary code.
Comment 1 Sean Amoss (RETIRED) gentoo-dev Security 2012-12-11 12:36:54 UTC
*** Bug 446870 has been marked as a duplicate of this bug. ***
Comment 2 Justin Lecher (RETIRED) gentoo-dev 2013-01-09 17:06:33 UTC
Created attachment 334962 [details]
Script to generate the wav file
Comment 3 Justin Lecher (RETIRED) gentoo-dev 2013-01-09 17:06:50 UTC
+*snack-2.2.10-r5 (09 Jan 2013)
+
+  09 Jan 2013; Justin Lecher <jlec@gentoo.org> +snack-2.2.10-r5.ebuild,
+  +files/snack-2.2.10-CVE-2012-6303-fix.patch, metadata.xml:
+  Add fix from Fedora for CVE-2012-6303, #446822
+
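Review bot: the "Add fix from Fedora" line does not say which Fedora bug or commit files/snack-2.2.10-CVE-2012-6303-fix.patch was taken from; adding that reference beside #446822 would let the patch be checked against its origin. metadata.xml is also listed as changed with no word on what changed in it.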
Comment 4 Justin Lecher (RETIRED) gentoo-dev 2013-01-09 17:07:15 UTC
Created attachment 334964 [details]
script to trigger the DOS or check for its fix.
Comment 5 Justin Lecher (RETIRED) gentoo-dev 2013-01-09 17:07:34 UTC
It's fixed now. Test scripts are attached.
Comment 6 Sean Amoss (RETIRED) gentoo-dev Security 2013-01-15 22:35:24 UTC
(In reply to comment #5)
> It's fixed now. Test scripts are attached.

Thanks, Justin. Is this version ready for stabilization?
Comment 7 Justin Lecher (RETIRED) gentoo-dev 2013-01-16 09:10:18 UTC
(In reply to comment #6)
> (In reply to comment #5)
> > It's fixed now. Test scripts are attached.
> 
> Thanks, Justin. Is this version ready for stabilization?

Only the code fix for this issue is new. So I would say yes.
Comment 8 Sean Amoss (RETIRED) gentoo-dev Security 2013-01-24 13:50:10 UTC
Arches, please test and mark stable:
=dev-tcltk/snack-2.2.10-r5
Comment 9 Jeroen Roovers (RETIRED) gentoo-dev 2013-01-24 16:47:24 UTC
Stable for HPPA.
Comment 10 Agostino Sarubbo gentoo-dev 2013-01-24 22:24:05 UTC
amd64 stable
Comment 11 Agostino Sarubbo gentoo-dev 2013-01-24 22:24:19 UTC
x86 stable
Comment 12 Agostino Sarubbo gentoo-dev 2013-01-26 13:13:02 UTC
ppc64 stable
Comment 13 Agostino Sarubbo gentoo-dev 2013-01-27 13:55:41 UTC
ppc stable
Comment 14 Agostino Sarubbo gentoo-dev 2013-02-06 19:48:06 UTC
sparc stable
Comment 15 Agostino Sarubbo gentoo-dev 2013-02-08 16:46:06 UTC
alpha stable
Comment 16 Sean Amoss (RETIRED) gentoo-dev Security 2013-03-16 11:40:06 UTC
New GLSA request filed.
Comment 17 GLSAMaker/CVETool Bot gentoo-dev 2013-09-11 10:29:37 UTC
This issue was resolved and addressed in
 GLSA 201309-04 at http://security.gentoo.org/glsa/glsa-201309-04.xml
by GLSA coordinator Sergey Popov (pinkbyte).
Comment 18 GLSAMaker/CVETool Bot gentoo-dev 2013-11-05 02:39:32 UTC
CVE-2012-6303 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6303):
  Heap-based buffer overflow in the GetWavHeader function in
  generic/jkSoundFile.c in the Snack Sound Toolkit, as used in WaveSurfer
  1.8.8p4, allows remote attackers to cause a denial of service (crash) and
  possibly execute arbitrary code via a large chunk size in a WAV file.
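
The flaw class named in the CVE text above, a chunk size read from the WAV file and trusted, shown from the defensive side. This is an added example, not Snack's GetWavHeader and not the Fedora patch; `wav_validate`, its status codes and the two byte arrays are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

enum { WAV_OK = 0, WAV_NOT_RIFF = -1, WAV_TRUNCATED = -2, WAV_BAD_CHUNK = -3, WAV_NO_FMT = -4 };

/* Little-endian 32-bit read with no alignment assumptions. */
static uint32_t rd_le32(const unsigned char *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) | ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Walk the RIFF/WAVE chunks in buf[0..len). A chunk's declared size is
   compared with the bytes really present before anything is copied. */
int wav_validate(const unsigned char *buf, size_t len, unsigned char fmt_out[16]) {
    if (len < 12 || memcmp(buf, "RIFF", 4) != 0 || memcmp(buf + 8, "WAVE", 4) != 0)
        return WAV_NOT_RIFF;
    size_t off = 12;
    int have_fmt = 0;
    while (off < len) {
        if (len - off < 8) return WAV_TRUNCATED;      /* no room for id + size */
        uint32_t size = rd_le32(buf + off + 4);       /* value comes from the file */
        size_t avail = len - off - 8;
        if (size > avail) return WAV_BAD_CHUNK;       /* size exceeds the input */
        if (memcmp(buf + off, "fmt ", 4) == 0) {
            if (size < 16) return WAV_BAD_CHUNK;      /* too short for PCM fmt */
            memcpy(fmt_out, buf + off + 8, 16);       /* fixed length, not 'size' */
            have_fmt = 1;
        }
        size_t adv = (size_t)size + (size & 1u);      /* chunks are padded to even */
        if (adv > avail) adv = avail;                 /* pad byte missing at EOF */
        off += 8 + adv;
    }
    return have_fmt ? WAV_OK : WAV_NO_FMT;
}

/* Constructed samples: a minimal PCM file, and one whose "fmt " chunk
   declares 0xFFFFFFF0 bytes while only 16 follow. */
static const unsigned char good_wav[] = {
    'R','I','F','F', 0x28,0,0,0, 'W','A','V','E', 'f','m','t',' ', 16,0,0,0,
    1,0, 1,0, 0x44,0xAC,0,0, 0x88,0x58,1,0, 2,0, 16,0,
    'd','a','t','a', 4,0,0,0, 0,0,0,0 };
static const unsigned char bad_wav[] = {
    'R','I','F','F', 0x1C,0,0,0, 'W','A','V','E', 'f','m','t',' ', 0xF0,0xFF,0xFF,0xFF,
    1,0, 1,0, 0x44,0xAC,0,0, 0x88,0x58,1,0, 2,0, 16,0 };
int main(void) {   /* exit status 0 when both samples are classified as expected */
    unsigned char fmt[16];
    return !(wav_validate(good_wav, sizeof good_wav, fmt) == WAV_OK &&
             wav_validate(bad_wav, sizeof bad_wav, fmt) == WAV_BAD_CHUNK);
}
```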