
Bug 600178 (CVE-2016-9400)

Summary: <games-action/teeworlds-0.6.4: Remote code execution on teeworlds client
Product: Gentoo Security Reporter: Thomas Deutschmann (RETIRED) <whissi>
Component: Vulnerabilities Assignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: games, learath2
Priority: Normal Flags: stable-bot: sanity-check+
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://seclists.org/oss-sec/2016/q4/448
Whiteboard: B1 [glsa cve]
Package list:
games-action/teeworlds-0.6.4
Runtime testing required: ---
Attachments:
Description Flags
Version bump none

Description Thomas Deutschmann (RETIRED) gentoo-dev 2016-11-18 15:09:53 UTC
teeworlds upstream has released version 0.6.4.

https://www.teeworlds.com/?page=news&id=12086 says

> the security vulnerability is worse, attacker controlled memory-writes and
> possibly arbitrary code execution on the client, abusable by any server the
> client joins

The upstream fix:
https://github.com/teeworlds/teeworlds/commit/ff254722a2683867fcb3e67569ffd36226c4bc62
Comment 1 Emir Marincic 2017-04-09 17:55:36 UTC
Created attachment 469550
Version bump

Fixes the old ebuilds as well, but I'd remove them completely given this is an RCE. We've yet to see it in use by anyone though, so that's nice.

I could also pull-request this if that's desirable.
Comment 2 Thomas Deutschmann (RETIRED) gentoo-dev 2017-04-09 18:02:32 UTC
Thank you for your contribution.

Yes, please create a pull request if possible.

Once a fixed version/ebuild is in repository and stable we will clean up previous versions.


From your patch:
> +PM=$(echo ${PV} | cut -c 1-3)
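
Review bot: `cut -c 1-3` on this line selects by character position, so `PM` only equals the major.minor part of `${PV}` while both components are single digits (0.6.4 gives 0.6, but a version such as 0.10.1 would give 0.1). Split on the version separator instead of on a fixed character range so the value stays correct across future bumps.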

Please try to match Gentoo style. I.e. if you need to change PV use MY_PV and try to use versionator eclass (https://devmanual.gentoo.org/eclass-reference/versionator.eclass/) instead of cut.
Comment 3 Emir Marincic 2017-04-09 20:14:37 UTC
Made the requested changes and a pull request. https://github.com/gentoo/gentoo/pull/4400
Comment 4 James Le Cuirot gentoo-dev 2017-05-04 21:29:28 UTC
0.6.4 is now in the tree. amd64 and x86 teams, please stabilise. I've tried it out myself on amd64 and it works fine. If you want to try it, it's a relatively small download for a game.
Comment 5 Agostino Sarubbo gentoo-dev 2017-05-05 14:11:09 UTC
amd64 stable
Comment 6 Agostino Sarubbo gentoo-dev 2017-05-06 17:20:52 UTC
x86 stable.

Maintainer(s), please clean up.
Security, please add it to the existing request, or file a new one.
Comment 7 James Le Cuirot gentoo-dev 2017-05-06 19:54:49 UTC
Old removed. Security team, please continue.
Comment 8 GLSAMaker/CVETool Bot gentoo-dev 2017-05-26 06:27:21 UTC
This issue was resolved and addressed in
 GLSA 201705-13 at https://security.gentoo.org/glsa/201705-13
by GLSA coordinator Thomas Deutschmann (whissi).