Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 768753 (CVE-2021-27218, CVE-2021-27219, GHSL-2021-045)

Summary: <dev-libs/glib-2.66.7: Integer overflow (CVE-2021-{27218,27219})
Product: Gentoo Security Reporter: Sam James <sam>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: gnome
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://gitlab.gnome.org/GNOME/glib/-/issues/2319
Whiteboard: A3 [glsa+ cve]
Package list:
Runtime testing required: ---

Description Sam James archtester gentoo-dev Security 2021-02-05 03:54:38 UTC
Description:
"The function g_bytes_new has an integer overflow due to an implicit cast from 64 bits to 32 bits. The overflow could potentially lead to a memory corruption vulnerability."

leio's noticed some possible regressions in gnome-shell, gnome-keyring. See https://gitlab.gnome.org/GNOME/glib/-/issues/2305. So let's not rush to jump on 2.66.6 yet.
Comment 1 Larry the Git Cow gentoo-dev 2021-02-14 11:30:59 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a1b64b25d3122534c974ce85a0319645a4a7fb86

commit a1b64b25d3122534c974ce85a0319645a4a7fb86
Author:     Mart Raudsepp <leio@gentoo.org>
AuthorDate: 2021-02-14 11:28:18 +0000
Commit:     Mart Raudsepp <leio@gentoo.org>
CommitDate: 2021-02-14 11:30:41 +0000

    dev-libs/glib: security bump to 2.66.7
    
    Bug: https://bugs.gentoo.org/768753
    Package-Manager: Portage-3.0.12, Repoman-3.0.2
    Signed-off-by: Mart Raudsepp <leio@gentoo.org>

 dev-libs/glib/Manifest           |   1 +
 dev-libs/glib/glib-2.66.7.ebuild | 290 +++++++++++++++++++++++++++++++++++++++
 2 files changed, 291 insertions(+)
Comment 2 John Helmert III gentoo-dev Security 2021-02-14 18:48:39 UTC
Alright, please stabilize when ready.
Comment 3 NATTkA bot gentoo-dev 2021-02-14 18:52:57 UTC Comment hidden (obsolete)
Comment 4 NATTkA bot gentoo-dev 2021-02-14 21:13:45 UTC Comment hidden (obsolete)
Comment 5 NATTkA bot gentoo-dev 2021-02-14 21:37:47 UTC
All sanity-check issues have been resolved
Comment 6 John Helmert III gentoo-dev Security 2021-02-15 20:58:07 UTC
CVE-2021-27218 was assigned for this (the upstream issue title seems wrong).
Comment 7 John Helmert III gentoo-dev Security 2021-02-15 22:13:12 UTC
(In reply to John Helmert III (ajak) from comment #6)
> CVE-2021-27218 was assigned for this (the upstream issue title seems wrong).

Well, maybe not wrong, but both CVEs are similar and appear to be covered by the stabilization in this bug.
Comment 8 Sam James archtester gentoo-dev Security 2021-02-16 19:20:51 UTC
arm done
Comment 9 Rolf Eike Beer archtester 2021-02-16 20:14:34 UTC
sparc stable
Comment 10 Sam James archtester gentoo-dev Security 2021-02-17 01:00:10 UTC
ppc64 done
Comment 11 Sam James archtester gentoo-dev Security 2021-02-17 13:53:59 UTC
arm64 done
Comment 12 Sam James archtester gentoo-dev Security 2021-02-17 14:21:28 UTC
x86 done
Comment 13 Rolf Eike Beer archtester 2021-02-17 15:54:04 UTC
hppa stable
Comment 14 Sam James archtester gentoo-dev Security 2021-02-17 18:41:17 UTC
amd64 done
Comment 15 Sam James archtester gentoo-dev Security 2021-02-17 18:42:05 UTC
amd64 done
Comment 16 Sam James archtester gentoo-dev Security 2021-02-18 07:29:37 UTC
s390 done
Comment 17 Sam James archtester gentoo-dev Security 2021-02-18 08:27:39 UTC
ppc done

all arches done
Comment 18 Larry the Git Cow gentoo-dev 2021-02-18 22:19:42 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=61eae93378aeff7997d41ea3b9e4bdc09aa119b2

commit 61eae93378aeff7997d41ea3b9e4bdc09aa119b2
Author:     Mart Raudsepp <leio@gentoo.org>
AuthorDate: 2021-02-18 22:16:57 +0000
Commit:     Mart Raudsepp <leio@gentoo.org>
CommitDate: 2021-02-18 22:19:09 +0000

    dev-libs/glib: security cleanup
    
    Bug: https://bugs.gentoo.org/768753
    Package-Manager: Portage-3.0.12, Repoman-3.0.2
    Signed-off-by: Mart Raudsepp <leio@gentoo.org>

 dev-libs/glib/Manifest           |   5 -
 dev-libs/glib/glib-2.62.6.ebuild | 267 -----------------------------------
 dev-libs/glib/glib-2.64.5.ebuild | 281 -------------------------------------
 dev-libs/glib/glib-2.66.2.ebuild | 283 --------------------------------------
 dev-libs/glib/glib-2.66.3.ebuild | 283 --------------------------------------
 dev-libs/glib/glib-2.66.4.ebuild | 290 ---------------------------------------
 6 files changed, 1409 deletions(-)
Comment 19 John Helmert III gentoo-dev Security 2021-02-19 01:37:50 UTC
Thanks leio!
Comment 20 Thomas Deutschmann gentoo-dev Security 2021-05-24 01:50:22 UTC
New GLSA request filed.
Comment 21 GLSAMaker/CVETool Bot gentoo-dev 2021-07-07 08:05:47 UTC
This issue was resolved and addressed in
 GLSA 202107-13 at https://security.gentoo.org/glsa/202107-13
by GLSA coordinator Sam James (sam_c).