Bug 646724 (CVE-2018-4871, CVE-2018-4877, CVE-2018-4878)

Summary:	<www-plugins/adobe-flash-28.0.0.161: multiple vulnerabilities (APSA18-01)
Product:	Gentoo Security	Reporter:	Viktor Levin <viklevin2>
Component:	Vulnerabilities	Assignee:	Gentoo Security <security>
Status:	RESOLVED FIXED
Severity:	normal	CC:	desktop-misc, jer, jstein, viklevin2
Priority:	Normal
Version:	unspecified
Hardware:	All
OS:	Linux
URL:	https://helpx.adobe.com/security/products/flash-player/apsa18-01.html
Whiteboard:	B2 [glsa+ cve]
Package list:		Runtime testing required:	---

Description Viktor Levin 2018-02-06 00:48:03 UTC

https://helpx.adobe.com/security/products/flash-player/apsa18-01.html

Comment 1 Jonas Stein gentoo-dev

2018-02-06 12:11:14 UTC

"These attacks leverage Office documents with embedded malicious Flash content distributed via email.

Adobe will address this vulnerability in a release planned for the week of February 5."

Comment 2 Viktor Levin 2018-02-06 17:04:32 UTC

Security updates available for Adobe Flash Player (APSB18-03)
http://blogs.adobe.com/psirt/?p=1522

Comment 3 GLSAMaker/CVETool Bot gentoo-dev

2018-02-08 15:59:24 UTC

CVE-2018-4878 (https://nvd.nist.gov/vuln/detail/CVE-2018-4878):
  A use-after-free vulnerability was discovered in Adobe Flash Player before
  28.0.0.161. This vulnerability occurs due to a dangling pointer in the
  Primetime SDK related to the handling of listener objects. A successful
  attack can lead to arbitrary code execution. This was exploited in the wild
  in January and February 2018.

CVE-2018-4877 (https://nvd.nist.gov/vuln/detail/CVE-2018-4877):
  A use-after-free vulnerability was discovered in Adobe Flash Player before
  28.0.0.161. This vulnerability occurs due to a dangling pointer in the
  Primetime SDK related to quality of service functionality. A successful
  attack can lead to arbitrary code execution.

CVE-2018-4871 (https://nvd.nist.gov/vuln/detail/CVE-2018-4871):
  An Out-of-bounds Read issue was discovered in Adobe Flash Player before
  28.0.0.137. This vulnerability occurs because of computation that reads data
  that is past the end of the target buffer. The use of an invalid
  (out-of-range) pointer offset during access of internal data structure
  fields causes the vulnerability. A successful attack can lead to sensitive
  data exposure.

Comment 4 Christopher Díaz Riveros (RETIRED) gentoo-dev

2018-02-08 16:02:13 UTC

(In reply to Viktor Levin from comment #0)
> https://helpx.adobe.com/security/products/flash-player/apsa18-01.html

Thank you Viktor for the report. I'm adding a couple of CVEs included in this version.

Comment 5 Thomas Deutschmann (RETIRED) gentoo-dev

2018-03-13 18:12:17 UTC

New GLSA request filed.

Comment 6 GLSAMaker/CVETool Bot gentoo-dev

2018-03-19 01:12:09 UTC

This issue was resolved and addressed in
 GLSA 201803-08 at https://security.gentoo.org/glsa/201803-08
by GLSA coordinator Christopher Diaz Riveros (chrisadr).