Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 600178 (CVE-2016-9400) - <games-action/teeworlds-0.6.4: Remote code execution on teeworlds client
Summary: <games-action/teeworlds-0.6.4: Remote code execution on teeworlds client
Status: RESOLVED FIXED
Alias: CVE-2016-9400
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: http://seclists.org/oss-sec/2016/q4/448
Whiteboard: B1 [glsa cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2016-11-18 15:09 UTC by Thomas Deutschmann
Modified: 2017-05-26 06:27 UTC (History)
2 users (show)

See Also:
Package list:
games-action/teeworlds-0.6.4
Runtime testing required: ---
stable-bot: sanity-check+


Attachments
Version bump (0001-games-action-teeworlds-Version-bump.patch,8.10 KB, patch)
2017-04-09 17:55 UTC, Emir Marincic
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Thomas Deutschmann gentoo-dev Security 2016-11-18 15:09:53 UTC
teeworlds upstream has released version 0.6.4.

https://www.teeworlds.com/?page=news&id=12086 says

> the security vulnerability is worse, attacker controlled memory-writes and
> possibly arbitrary code execution on the client, abusable by any server the
> client joins

The upstream fix:
https://github.com/teeworlds/teeworlds/commit/ff254722a2683867fcb3e67569ffd36226c4bc62
Comment 1 Emir Marincic 2017-04-09 17:55:36 UTC
Created attachment 469550 [details, diff]
Version bump

Fixes the old ebuilds as well but i'd remove them completely given this is a RCE. We've yet to see it in use by anyone though so that's nice.

I could also pull-request this if that's desirable.
Comment 2 Thomas Deutschmann gentoo-dev Security 2017-04-09 18:02:32 UTC
Thank you for your contribution.

Yes, please create a pull request if possible.

Once a fixed version/ebuild is in repository and stable we will clean up previous versions.


From your patch:
> +PM=$(echo ${PV} | cut -c 1-3)

Please try to match Gentoo style. I.e. if you need to change PV use MY_PV and try to use versionator eclass (https://devmanual.gentoo.org/eclass-reference/versionator.eclass/) instead of cut.
Comment 3 Emir Marincic 2017-04-09 20:14:37 UTC
Made the requested changes and a pull request. https://github.com/gentoo/gentoo/pull/4400
Comment 4 James Le Cuirot gentoo-dev 2017-05-04 21:29:28 UTC
0.6.4 is now in the tree. amd64 and x86 teams, please stabilise. I've tried it out myself on amd64 and it works fine. If you want to try it, it's a relatively small download for a game.
Comment 5 Agostino Sarubbo gentoo-dev 2017-05-05 14:11:09 UTC
amd64 stable
Comment 6 Agostino Sarubbo gentoo-dev 2017-05-06 17:20:52 UTC
x86 stable.

Maintainer(s), please cleanup.
Security, please add it to the existing request, or file a new one.
Comment 7 James Le Cuirot gentoo-dev 2017-05-06 19:54:49 UTC
Old removed. Security team, please continue.
Comment 8 GLSAMaker/CVETool Bot gentoo-dev 2017-05-26 06:27:21 UTC
This issue was resolved and addressed in
 GLSA 201705-13 at https://security.gentoo.org/glsa/201705-13
by GLSA coordinator Thomas Deutschmann (whissi).