| Summary: | app-emulation/vmware-workstation: out-of-bounds memory access (VMSA-2017-0005) | | |
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Manfred Knick <Manfred.Knick> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED OBSOLETE | | |
| Severity: | trivial | CC: | orodruinlair, rossi.f, vmware+disabled |
| Priority: | Normal | Keywords: | InOverlay, PATCH, PMASKED |
| Version: | unspecified | | |
| Hardware: | All | | |
| OS: | Linux | | |
| URL: | https://www.vmware.com/security/advisories/VMSA-2017-0005.html | | |
| Whiteboard: | ~2 [ebuild/cve] | | |
| Package list: | | Runtime testing required: | --- |

Description
Manfred Knick
2017-03-16 11:23:57 UTC
Created attachment 467200 [details]
308-4.09-00-user-pages.patch.out
* Applying 308-4.09-00-user-pages.patch ...
* Failed Patch: 308-4.09-00-user-pages.patch !
* ( /usr/local/portage/local-overlay/app-emulation/vmware-modules/files/308-4.09-00-user-pages.patch )
NOTABENE: Bug 510156 app-emulation/vmware-workstation-11 "/etc/init.d/vmware stop" fails if vsock module is built into kernel
still applies:

# /etc/init.d/vmware stop
* Stopping VMware USB Arbitrator ...
/opt/vmware/bin/vmware-usbarbitrator: Kein Prozess gefunden [ !! ]
Stopped all configured services on all networks [ ok ]
* Stopping VMware services ...
modprobe: FATAL: Module vmw_vsock_vmci_transport is builtin. [ !! ]
modprobe: FATAL: Module vmw_vmci is builtin. [ !! ]
* ERROR: vmware failed to stop

Workaround also still applies:

# /etc/init.d/vmware zap
* Manually resetting vmware to stopped state

Disabling patches
. . . 308-4.09-00-user-pages.patch
and
. . . 308-4.10-00-generic_readlink.patch ,
vmware-modules-308.5.4 at least builds fine without any error (t.b.c.)

AFAICS, the last two patches in 308-4.09-00-user-pages.patch seem obsolete:

Created attachment 467206 [details]
308-4.09-00-user-pages.patch
Deleted the last two patches.
Created attachment 467208 [details]
308-4.09-00-user-pages.patch__OBSOLETE
The (deleted) last two patches, extracted into a separate backup file.
AFTERWARDS:
All three packages compile / build / install successfully.

Unfortunately, again, the bridged networks don't work any more.

WORKAROUND:
. . . https://bugs.gentoo.org/show_bug.cgi?id=596280#c5, _Hint 2_
does the trick again.

Afterwards:
. . . WORKSFORME

TEST with 3 VMs:
- Windows 7
- Windows 8.1
- Windows 10
o) start up && check networks (ok)
o) update virus definitions (ok)
o) check system (ok)

TODO:
VMware Tools are shouting for _update_ .
Although having enabled the "vmware-tools" USE flag:
# emerge -pv vmware-workstation
[ebuild R ~] app-emulation/vmware-workstation-12.5.4.5192485
::mkn_local_overlay
USE="bundled-libs cups doc ovftool server vix vmware-tools"
and
# equery list -p -o vmware-tools
...
[--O] [ ] app-emulation/vmware-tools-10.0.6.3595377:0
[I-O] [ ] app-emulation/vmware-tools-10.0.10.4301679:0
inside the VMs, the installed tools identify themselves as
. . . Version 10.0.6m build 3595377
corresponding to app-emulation/vmware-tools-10.0.6.3595377:0
(In reply to Manfred Knick from comment #8)

CONFIRMATION:
"ReInstall VMware Tools" from the "Alt"-Menu of respective VM's TAB worked successfully in all three cases.

Just to SUMMARIZE:
The ebuilds in use are

# equery list app-emulation/vmware*
[I-O] [ ] app-emulation/vmware-modules-308.5.4:0 <-- new
[I-O] [ ] app-emulation/vmware-tools-10.0.10.4301679:0
[I-O] [ ] app-emulation/vmware-workstation-12.5.4.5192485:0 <-- new

The only change needed is in
. . . /app-emulation/vmware-modules/files/308-4.09-00-user-pages.patch
as described in comment 4 f.

Having app-emulation/vmware-workstation-12.5.4-5192485 installed, after upgrading dev-cpp/gtkmm-2.24.5:2.4 to (slotted) dev-cpp/gtkmm-3.20.1:3.0, "emerge -a --depclean" un-merged :2.4, leading to a circle in 'emerge ... @preserved-rebuild'.

Enforcing "emerge ... dev-cpp/gtkmm:2.4" leading to a slotted dual install of :2.4 and :3.0 solved this problem.

In [overlay] vmware-workstation-12.5.4.5192485.ebuild, it is BUNDLED_LIB_DEPENDS which contains "dev-cpp/gtkmm:2.4"; thus it is only pulled in the case of "!bundled-libs". Seems this entry has to move.

The version numbers affected should be kept visible in the title of the bug, please.

existing [OVERLAY] app-emulation/vmware-workstation-12.5.4.5192485:0 is _not_ prone to this security risk any more.

(In reply to Manfred Knick from comment #12)
> The version numbers affected
> should be kept visible in the title of the bug, please.
>
> existing [OVERLAY] app-emulation/vmware-workstation-12.5.4.5192485:0
> is _not_ prone to this security risk any more.

I am sorry, this isn't possible. We are only tracking the official Gentoo repository. Because we don't have a fixed version in the repository we can't set version in title yet.

(In reply to Manfred Knick from comment #11)
> Enforcing "emerge ... dev-cpp/gtkmm:2.4"
> leading to a slotted dual install of :2.4 and :3.0

WORKAROUND:
# emerge -aC vmware-workstation vmware-modules vmware-tools
# emerge -a --depclean
# emerge -a vmware-workstation
should let you exit the loop ...

REFERENCE:
Please note: Bug 616958 - app-emulation/vmware-workstation-12.5.6 version bump

To address bug 621910 we had to PMASK currently unmaintained VMware packages within the Gentoo repository.

VMware was removed from the Gentoo repository [1]. Closing as obsolete (package was never stable, i.e. no removal GLSA required).

[1] https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a2d54401ad16fe676b80bb5618a569ebe02636d5