Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 573160 (CVE-2016-2090)

Summary: <dev-libs/libbsd-0.8.2: Buffer overflow in fgetwln (CVE-2016-2090)
Product: Gentoo Security Reporter: Hanno Böck <hanno>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: freedesktop-bugs
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://cgit.freedesktop.org/libbsd/commit/?id=c8f0723d2b4520bdd6b9eb7c3e7976de726d7ff7
Whiteboard: B2 [glsa]
Package list:
Runtime testing required: ---

Description Hanno Böck gentoo-dev 2016-01-27 22:00:45 UTC 
I have found a buffer overflow in libbsd. Upstream has released 0.8.2 today to fix it.

I think the affected function is rarely used, so I assume impact is relatively limited.

Upstream commit with explanation:
http://cgit.freedesktop.org/libbsd/commit/?id=c8f0723d2b4520bdd6b9eb7c3e7976de726d7ff7

Please bump.
Comment 1 Manuel Rüger (RETIRED) gentoo-dev 2016-02-06 14:10:19 UTC 
Added 0.8.2 which includes a fix for this.

Arches please test and stablize.
Comment 2 Tobias Klausmann (RETIRED) gentoo-dev 2016-02-09 11:57:32 UTC 
Stable on alpha.
Comment 3 Jeroen Roovers (RETIRED) gentoo-dev 2016-02-10 12:53:25 UTC 
Stable for HPPA.
Comment 4 Agostino Sarubbo gentoo-dev 2016-02-11 12:28:34 UTC 
amd64 stable
Comment 5 Jeroen Roovers (RETIRED) gentoo-dev 2016-02-13 08:22:13 UTC 
Stable for PPC64.
Comment 6 Markus Meier gentoo-dev 2016-02-14 17:21:53 UTC 
arm stable
Comment 7 Agostino Sarubbo gentoo-dev 2016-03-15 16:39:42 UTC 
x86 stable
Comment 8 Agostino Sarubbo gentoo-dev 2016-03-16 12:06:13 UTC 
ppc stable
Comment 9 Agostino Sarubbo gentoo-dev 2016-03-19 11:36:15 UTC 
sparc stable.

Maintainer(s), please cleanup.
Security, please add it to the existing request, or file a new one.
Comment 10 GLSAMaker/CVETool Bot gentoo-dev 2016-03-19 13:06:27 UTC 
CVE-2016-2090 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2090):
  libbsd 0.8.1 and earlier contains a buffer overflow in the function
  fgetwln(). An if checks if it is necessary to reallocate memory in the
  target buffer. However this check is off by one, therefore an out of
  bounds write happens.
Comment 11 Aaron Bauman (RETIRED) gentoo-dev 2016-03-19 13:11:17 UTC 
GLSA opened.
Comment 12 Aaron Bauman (RETIRED) gentoo-dev 2016-03-24 06:57:00 UTC 
@maintainers, still pending cleanup of vulnerable ebuilds.  Please let us know when complete or if you are unable to at this time.  Thanks.
Comment 13 Michael Palimaka (kensington) gentoo-dev 2016-03-24 11:32:10 UTC 
Cleanup done.
Comment 14 GLSAMaker/CVETool Bot gentoo-dev 2016-07-20 11:22:16 UTC 
This issue was resolved and addressed in
 GLSA 201607-13 at https://security.gentoo.org/glsa/201607-13
by GLSA coordinator Aaron Bauman (b-man).