Bug 322859 - <media-sound/abcm2ps-5.9.13: getarena() heap-based buffer overflow (CVE-2010-{3441,4743,4744})
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: High normal
Assignee: Gentoo Security
URL: http://secunia.com/advisories/40033/
Whiteboard: B2 [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2010-06-05 14:17 UTC by Alex Legler (RETIRED)
Modified: 2011-11-20 18:17 UTC

See Also:
Package list:
Runtime testing required: ---


Description Alex Legler (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2010-06-05 14:17:32 UTC
Quoting Secunia from $URL:

A vulnerability has been reported in abcm2ps, which can be exploited by malicious people to potentially compromise a user's system.

The vulnerability is caused due to an error within the "getarena()" function in abc2ps.c when allocating memory. This can be exploited to potentially cause a heap-based buffer overflow when converting a specially crafted ABC file.

Successful exploitation may allow execution of arbitrary code.

The vulnerability is reported in versions prior to 5.9.13.
Comment 1 Alex Legler (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2010-06-05 14:20:31 UTC
Sound: I see that we are several versions behind upstream and it's a leaf package. If you don't want to bump, please consider removal.

CVE request: [oss-security] CVE Request -- Abcm2ps v5.9.12 -- multiple unspecified vulnerabilities (From: Jan Lieskovsky <jlieskov@redhat.com>)
Comment 2 Samuli Suominen gentoo-dev 2010-08-20 17:03:15 UTC
  20 Aug 2010; Samuli Suominen <ssuominen@gentoo.org> abcm2ps-5.9.15.ebuild:
  amd64 stable wrt #322859

*abcm2ps-5.9.15 (20 Aug 2010)

  20 Aug 2010; Samuli Suominen <ssuominen@gentoo.org>
  +abcm2ps-5.9.15.ebuild:
  Version bump wrt #322859 by Alex Legler.
Comment 3 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2010-08-21 18:24:18 UTC
x86 stable
Comment 4 Raúl Porcel (RETIRED) gentoo-dev 2010-08-27 17:03:33 UTC
sparc stable
Comment 5 Samuli Suominen gentoo-dev 2010-08-30 17:03:18 UTC
all arches done, add sound@ back if you need something ->
Comment 6 Tim Sammut (RETIRED) gentoo-dev 2010-11-26 23:58:54 UTC
GLSA Request filed.
Comment 7 GLSAMaker/CVETool Bot gentoo-dev 2011-10-08 13:44:33 UTC
CVE-2010-3441 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3441):
  Multiple buffer overflows in abcm2ps before 5.9.12 might allow remote
  attackers to execute arbitrary code via (1) a crafted input file, related to
  the PUT0 and PUT1 output macros; (2) a crafted input file, related to the
  trim_title function; and possibly (3) a long -O option on a command line.
Comment 8 GLSAMaker/CVETool Bot gentoo-dev 2011-10-08 15:18:34 UTC
CVE-2010-4744 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4744):
  Multiple unspecified vulnerabilities in abcm2ps before 5.9.13 have unknown
  impact and attack vectors, a different issue than CVE-2010-3441.
Comment 9 GLSAMaker/CVETool Bot gentoo-dev 2011-11-20 18:17:25 UTC
This issue was resolved and addressed in
 GLSA 201111-12 at http://security.gentoo.org/glsa/glsa-201111-12.xml
by GLSA coordinator Alex Legler (a3li).