Bug 673944 (CVE-2018-3846, CVE-2018-3847, CVE-2018-3848, CVE-2018-3849)

Summary: sci-libs/cfitsio: multiple vulnerabilities
Product: Gentoo Security Reporter: D'juan McDonald (domhnall) <flopwiki>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: IN_PROGRESS ---
Severity: minor CC: sci-astronomy
Priority: Normal
Version: unspecified
Hardware: All
OS: Linux
URL: https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0531
See Also: https://bugs.gentoo.org/show_bug.cgi?id=698224
Whiteboard: B3 [ebuild+]
Package list:
Runtime testing required: ---
Bug Depends on:
Bug Blocks: 687860

Description D'juan McDonald (domhnall) 2018-12-29 06:03:00 UTC
Version 3.44 - April 2018

  - This release primarily patches security vulnerabilities.  We
    strongly encourage this upgrade, particularly for those running 
    CFITSIO in web accessible applications.


Citing documentation from version 3.44 to outline the security fixes. However, versions 3.45 and 3.50 are available upstream. Please see the URL for details.
Comment 1 D'juan McDonald (domhnall) 2019-01-08 20:38:58 UTC
Escalating to @Security due to CVE and Vulnerability aspects.

(https://nvd.nist.gov/vuln/detail/CVE-2018-3848):
In the ffghbn function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution.


(https://nvd.nist.gov/vuln/detail/CVE-2018-3849):
In the ffghtb function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution.


Gentoo Security Padawan
(domhnall)
Comment 2 D'juan McDonald (domhnall) 2019-01-08 21:42:09 UTC
Adding a missed CVE and reference
https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0529
Comment 3 D'juan McDonald (domhnall) 2019-10-18 17:41:12 UTC
`ffgphd` and `ffgtkn` are CVE-2018-4846, while `ffghbn` and `ffghtb` are CVE-2018-3848 and CVE-2018-3849 respectively.

See Also: CVE-2019-1010060.
(https://nvd.nist.gov/vuln/detail/CVE-2019-1010060):


(https://nvd.nist.gov/vuln/detail/CVE-2018-3846):

In the ffgphd and ffgtkn functions in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution.


(https://nvd.nist.gov/vuln/detail/CVE-2018-3847):

Multiple exploitable buffer overflow vulnerabilities exist in the image parsing functionality of the CFITSIO library version 3.42. Specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution.
Comment 4 D'juan McDonald (domhnall) 2019-10-18 17:42:31 UTC
(In reply to D'juan McDonald (domhnall) from comment #3)
>..are CVE-2018-4846

CVE-2018-3846
Comment 5 Sam James archtester gentoo-dev Security 2020-06-13 17:04:31 UTC
ping..
Comment 6 Sam James archtester gentoo-dev Security 2020-07-18 21:01:50 UTC
ping