
Bug 922474 (CVE-2024-0684)

Summary: <sys-apps/coreutils-9.4-r1: split heap buffer overflow vulnerability
Product: Gentoo Security Reporter: Sam James <sam>
Component: Vulnerabilities Assignee: Gentoo Security <security>
Status: IN_PROGRESS ---    
Severity: normal CC: base-system
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://www.openwall.com/lists/oss-security/2024/01/18/2
Whiteboard: A2 [glsa cleanup]
Package list:
Runtime testing required: ---
Bug Depends on: 926980    
Bug Blocks:    

Description Sam James archtester Gentoo Infrastructure gentoo-dev Security 2024-01-19 08:58:25 UTC
See https://www.openwall.com/lists/oss-security/2024/01/18/2.

Patch at https://git.savannah.gnu.org/cgit/coreutils.git/commit/?id=c4c5ed8f4e9cd55a12966d4f520e3a13101637d9.

"""
A proof-of-concept file to trigger the crash is available under 
https://github.com/Valentin-Metz/writeup_split/blob/main/split_me
You can use it to trigger a segmentation fault (SIGABRT) in split, using 
"split -C 1024 ./split_me".
A detailed writeup will follow once distro maintainers have had some 
time to distribute a fix.
"""
Comment 1 Larry the Git Cow gentoo-dev 2024-01-30 20:49:22 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f00b339a42285e269063b7cdecb9d5e726ee2bf7

commit f00b339a42285e269063b7cdecb9d5e726ee2bf7
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2024-01-30 20:22:06 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2024-01-30 20:49:09 +0000

    sys-apps/coreutils: patch CVE-2024-0684
    
    Bug: https://bugs.gentoo.org/922474
    Signed-off-by: Sam James <sam@gentoo.org>

 sys-apps/coreutils/coreutils-9.4-r1.ebuild         | 273 +++++++++++++++++++++
 .../files/coreutils-9.4-CVE-2024-0684.patch        |  31 +++
 2 files changed, 304 insertions(+)
Comment 2 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2024-05-25 07:12:00 UTC
I'm avoiding cleaning up 8.32 (still!) because of all the ZFS bugs with CoW, as it's been useful for people to be able to downgrade to it. But 9.4 can go.