Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 608766

Summary: <app-misc/pax-utils: scanelf-1.2.3: out of bounds read w/corrupt hash table
Product: Gentoo Security Reporter: Agostino Sarubbo <ago>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: slyfox, toolchain
Priority: Normal Flags: stable-bot: sanity-check+
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: B3 [noglsa]
Package list:
=app-misc/pax-utils-1.2.3
 Runtime testing required: No
Bug Depends on:    
Bug Blocks: 607894, 607896    
Attachments:
Description Flags
stacktrace
none
stacktrace none

Description Agostino Sarubbo gentoo-dev 2017-02-09 15:59:21 UTC 
Created attachment 462980 [details]
stacktrace

I found an out of bounds read in scanelf in pax-utils-1.2.2

Command to reproduce:
scanelf -s '*' -axetrnibSDIYZB $FILE

Reproducer:
https://github.com/asarubbo/poc/blob/master/00169-pax-utils-scanelf-oobread1

Unfortunately I'm unable to get a valid stacktrace.
Comment 1 Agostino Sarubbo gentoo-dev 2017-02-09 16:56:41 UTC 
Created attachment 462982 [details]
stacktrace

(In reply to Agostino Sarubbo from comment #0)
> Unfortunately I'm unable to get a valid stacktrace.

nvm. I can.
Comment 4 Christopher Díaz Riveros (RETIRED) gentoo-dev Security 2017-10-05 17:37:55 UTC 
Ping.

Is this completely fixed? Can we close the report?

Thank you,

Gentoo Security Padawan
ChrisADR
Comment 5 Aaron Bauman (RETIRED) gentoo-dev 2017-10-08 19:18:51 UTC 
@arches, please stabilize.
Comment 6 Aaron Bauman (RETIRED) gentoo-dev 2017-10-08 19:23:35 UTC 
Disregard, this is not fixed in 1.2.2.
Comment 7 Doug Goldstein (RETIRED) gentoo-dev 2018-02-04 19:14:51 UTC 
fwiw, just to confirm.

git describe --tags 858939ea6ad63f1acb4ec74bba705c197a67d559
v1.2.2-5-g858939e
Comment 8 Doug Goldstein (RETIRED) gentoo-dev 2018-03-11 05:33:43 UTC 
fixed in app-misc/pax-utils-1.2.3 and newer.
Comment 9 Aaron Bauman (RETIRED) gentoo-dev 2018-04-03 19:33:37 UTC 
@arches, please stabilize.
Comment 10 Sergei Trofimovich (RETIRED) gentoo-dev 2018-04-03 21:51:55 UTC 
ppc64 stable
Comment 11 Larry the Git Cow gentoo-dev 2018-04-04 22:26:06 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=520c49d5731bb9d63d0f197c370625cb152d9e89

commit 520c49d5731bb9d63d0f197c370625cb152d9e89
Author:     Rolf Eike Beer <eike@sf-mail.de>
AuthorDate: 2018-04-04 17:36:09 +0000
Commit:     Sergei Trofimovich <slyfox@gentoo.org>
CommitDate: 2018-04-04 22:25:41 +0000

    app-misc/pax-utils: stable 1.2.3 for sparc
    
    Bug: https://bugs.gentoo.org/608766
    Package-Manager: Portage-2.3.24, Repoman-2.3.6
    RepoMan-Options: --include-arches="sparc"

 app-misc/pax-utils/pax-utils-1.2.3.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)}
Comment 12 Sergei Trofimovich (RETIRED) gentoo-dev 2018-04-06 19:30:39 UTC 
sparc stable
Comment 13 Aaron Bauman (RETIRED) gentoo-dev 2018-04-08 13:10:17 UTC 
GLSA Vote: No
Comment 14 Sergei Trofimovich (RETIRED) gentoo-dev 2018-07-28 18:08:08 UTC 
commit 1b23a73f6a51d28568444f367daf1af963db31bf
Author: Aaron Bauman <bman@gentoo.org>
Date:   Sun Apr 8 09:06:48 2018 -0400

    app-misc/pax-utils: stabilize ppc

commit 59ee764c17315e1153427f351f7d01da0933a7da
Author: Markus Meier <maekke@gentoo.org>
Date:   Sun Apr 8 12:46:38 2018 +0200

    app-misc/pax-utils: arm stable, bug #607896