Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 625634

Summary: <dev-libs/libmspack-0.6_alpha: Stack-based buffer over-read in cabd_read_string function (CVE-2017-11423)
Product: Gentoo Security Reporter: Agostino Sarubbo <ago>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: minor CC: reavertm
Priority: Normal Flags: stable-bot: sanity-check+
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://bugzilla.redhat.com/show_bug.cgi?id=1472776
Whiteboard: B3 [noglsa]
Package list:
dev-libs/libmspack-0.6_alpha
 Runtime testing required: ---
Bug Depends on:    
Bug Blocks: 649304    

Description Agostino Sarubbo gentoo-dev 2017-07-19 13:21:45 UTC 
From ${URL} :

The cabd_read_string function in mspack/cabd.c in libmspack 0.5alpha,
as used in ClamAV 0.99.2 and other products, allows remote attackers to
cause a denial of service (stack-based buffer over-read and application
crash) via a crafted CAB file.

Reference:

https://github.com/hackerlib/hackerlib-vul/tree/master/clamav-vul

Upstream bug:

https://bugzilla.clamav.net/show_bug.cgi?id=11873


@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 Maciej Mrozowski gentoo-dev 2017-10-19 23:10:18 UTC 
libmspack-0.6_alpha in portage. Claims to fix CVE-2017-11423
Comment 2 Maciej Mrozowski gentoo-dev 2017-10-19 23:11:36 UTC 
0.6a ready for stabilization (also see 628684).
Comment 3 Thomas Deutschmann (RETIRED) gentoo-dev 2018-03-02 00:01:48 UTC 
Freeing CVE-2017-11423 alias to create a tracker bug.
Comment 4 Thomas Deutschmann (RETIRED) gentoo-dev 2018-03-02 00:21:30 UTC 
@ Arches,

please test and mark stable: =dev-libs/libmspack-0.6_alpha
Comment 5 Agostino Sarubbo gentoo-dev 2018-03-02 15:36:00 UTC 
amd64 stable
Comment 6 Thomas Deutschmann (RETIRED) gentoo-dev 2018-03-04 06:54:19 UTC 
x86 stable
Comment 7 Aaron Bauman (RETIRED) gentoo-dev 2018-03-27 02:41:19 UTC 
@maintainer, please clean the vulnerable versions from the tree.

GLSA Vote: No
Comment 8 Larry the Git Cow gentoo-dev 2018-04-22 22:43:04 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7ee0e25859aa7c5ff99f760c2a7dc3d277ed16c7

commit 7ee0e25859aa7c5ff99f760c2a7dc3d277ed16c7
Author:     Aaron Bauman <bman@gentoo.org>
AuthorDate: 2018-04-22 22:42:38 +0000
Commit:     Aaron Bauman <bman@gentoo.org>
CommitDate: 2018-04-22 22:42:57 +0000

    dev-libs/libmspack: drop vulnerable
    
    Bug: https://bugs.gentoo.org/625634
    Package-Manager: Portage-2.3.31, Repoman-2.3.9

 dev-libs/libmspack/Manifest                      |  1 -
 dev-libs/libmspack/libmspack-0.5_alpha-r1.ebuild | 50 ------------------------
 dev-libs/libmspack/libmspack-0.5_alpha.ebuild    | 46 ----------------------
 3 files changed, 97 deletions(-)}