Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 626858 (CVE-2017-12141, CVE-2017-12142, CVE-2017-12144)

Summary: <net-mail/ytnef-1.9.3: Denial of Service (CVE-2017-{12144,12142,12141})
Product: Gentoo Security Reporter: Aleksandr Wagner (Kivak) <alwag>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: polynomial-c
Priority: Normal Flags: stable-bot: sanity-check+
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: C3 [noglsa cve]
Package list:
net-mail/ytnef-1.9.3
 Runtime testing required: ---

Description Aleksandr Wagner (Kivak) 2017-08-02 07:40:02 UTC 
CVE-2017-12144 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12144):

In ytnef 1.9.2, an allocation failure was found in the function TNEFFillMapi in ytnef.c, which allows attackers to cause a denial of service via a crafted file. 

https://github.com/Yeraze/ytnef/issues/51
https://somevulnsofadlab.blogspot.ca/2017/07/ytnefallocation-failed-in-tneffillmapi.html

CVE-2017-12142 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12142):

In ytnef 1.9.2, an invalid memory read vulnerability was found in the function SwapDWord in ytnef.c, which allows attackers to cause a denial of service via a crafted file. 

https://github.com/Yeraze/ytnef/issues/49
https://somevulnsofadlab.blogspot.ca/2017/07/ytnefinvalid-memory-read-in-swapdword.html

CVE-2017-12141 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12141):

In ytnef 1.9.2, a heap-based buffer overflow vulnerability was found in the function TNEFFillMapi in ytnef.c, which allows attackers to cause a denial of service via a crafted file. 

https://github.com/Yeraze/ytnef/issues/50
https://somevulnsofadlab.blogspot.ca/2017/07/ytnefheap-buffer-overflow-in.html
Comment 1 Larry the Git Cow gentoo-dev 2018-07-23 09:46:04 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=bd0f6d34271b64a12b8be31378a2b58610e60a8f

commit bd0f6d34271b64a12b8be31378a2b58610e60a8f
Author:     Lars Wendler <polynomial-c@gentoo.org>
AuthorDate: 2018-07-23 09:45:43 +0000
Commit:     Lars Wendler <polynomial-c@gentoo.org>
CommitDate: 2018-07-23 09:45:43 +0000

    net-mail/ytnef: Security bump to version 1.9.3
    
    This fixes the following CVEs:
    
    CVE-2017-9470
    CVE-2017-9471
    CVE-2017-9474
    CVE-2017-9058
    CVE-2017-12142
    CVE-2017-12141
    CVE-2017-12144
    
    Bug: https://bugs.gentoo.org/626858
    Closes: https://bugs.gentoo.org/619156
    Package-Manager: Portage-2.3.43, Repoman-2.3.10

 net-mail/ytnef/Manifest           |  1 +
 net-mail/ytnef/ytnef-1.9.3.ebuild | 31 +++++++++++++++++++++++++++++++
 2 files changed, 32 insertions(+)
Comment 2 Agostino Sarubbo gentoo-dev 2018-07-25 08:25:09 UTC 
amd64 stable
Comment 3 Thomas Deutschmann (RETIRED) gentoo-dev 2018-07-28 13:46:13 UTC 
x86 stable
Comment 4 Tobias Klausmann (RETIRED) gentoo-dev 2018-09-13 14:33:58 UTC 
Stable on alpha.
Comment 5 Larry the Git Cow gentoo-dev 2018-09-13 14:36:56 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=492d0d0db7b3f0ca9564d5be3042a781151152f8

commit 492d0d0db7b3f0ca9564d5be3042a781151152f8
Author:     Lars Wendler <polynomial-c@gentoo.org>
AuthorDate: 2018-09-13 14:36:46 +0000
Commit:     Lars Wendler <polynomial-c@gentoo.org>
CommitDate: 2018-09-13 14:36:46 +0000

    net-mail/ytnef: Security cleanup.
    
    Bug: https://bugs.gentoo.org/626858
    Package-Manager: Portage-2.3.49, Repoman-2.3.10

 net-mail/ytnef/Manifest           |  1 -
 net-mail/ytnef/ytnef-1.9.2.ebuild | 21 ---------------------
 2 files changed, 22 deletions(-)