622342 – <app-arch/unrar-5.5.5-r1: VMSF_DELTA filter in unrar allows arbitrary memory write (CVE-2012-6706)

Bug 622342 - <app-arch/unrar-5.5.5-r1: VMSF_DELTA filter in unrar allows arbitrary memory write (CVE-2012-6706)

Summary: <app-arch/unrar-5.5.5-r1: VMSF_DELTA filter in unrar allows arbitrary memory ...

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Gentoo Security

URL:	https://bugs.chromium.org/p/project-z...
Whiteboard:	B2 [glsa cve]
Keywords:

Depends on:	628182
Blocks:	CVE-2012-6706
	Show dependency tree

Reported:	2017-06-20 19:06 UTC by Hanno Böck
Modified:	2017-10-02 04:29 UTC (History)
CC List:	3 users (show)

See Also:	622382
Package list:	app-arch/unrar-5.5.5-r1
Runtime testing required:	---

Flags:	stable-bot: sanity-check+

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Hanno Böck gentoo-dev

2017-06-20 19:06:43 UTC

Found by project zero:
https://bugs.chromium.org/p/project-zero/issues/detail?id=1286&can=1&q=unrar&desc=6

Upstream version 5.5.5 contains the fix. We may have to check what other apps bundle unrar (e.g. clamav).

Comment 1 Thomas Deutschmann (RETIRED) gentoo-dev

2017-06-21 11:48:57 UTC

Now in repository via https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=dabe9845e2f4b38d214b8cc1e27f0a43680eb39c

UnRAR v5.5.5 is RAR 5.50 beta 4 so app-arch/rar is probably affected as well.


@ Arches,

please test and mark stable: =app-arch/unrar-5.5.5

Comment 2 Agostino Sarubbo gentoo-dev

2017-06-21 12:10:08 UTC

amd64 stable

Comment 3 Agostino Sarubbo gentoo-dev

2017-06-21 12:12:23 UTC

x86 stable.

Maintainer(s), please cleanup.
Security, please add it to the existing request, or file a new one.

Comment 4 Thomas Deutschmann (RETIRED) gentoo-dev

2017-06-21 12:22:49 UTC

Repository is now clean (https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f84896cce4b495bcf147fd493e815d5106f7aa76).

New GLSA request filed.

Comment 5 Thomas Deutschmann (RETIRED) gentoo-dev

2017-06-21 13:27:30 UTC

Oops, we need more than just amd64/x86 -- mixed with app-arch/rar.


@ Arches,

please test and mark stable: =app-arch/unrar-5.5.5

Comment 6 Thomas Deutschmann (RETIRED) gentoo-dev

2017-06-21 15:12:14 UTC

Package was rev bumped to downgrade EAPI back to EAPI=5. So please continue with =app-arch/unrar-5.5.5-r1.

Comment 7 Tobias Klausmann (RETIRED) gentoo-dev

2017-06-26 20:21:02 UTC

Stable on alpha.

Comment 8 Sergei Trofimovich (RETIRED) gentoo-dev

2017-06-30 07:47:57 UTC

ia64 stable

Comment 9 Markus Meier gentoo-dev

2017-07-07 06:17:14 UTC

arm stable

Comment 10 Agostino Sarubbo gentoo-dev

2017-07-07 09:10:44 UTC

sparc stable

Comment 11 Agostino Sarubbo gentoo-dev

2017-07-07 13:25:51 UTC

ppc stable

Comment 12 Agostino Sarubbo gentoo-dev

2017-07-07 14:51:22 UTC

ppc64 stable

Comment 13 Yury German Gentoo Infrastructure

2017-08-02 03:16:50 UTC

Arches or maintainers please stabilize for hppa ASAP. Security will release GLSA for this in 7 days with or without hppa arch being stable.

Comment 14 Thomas Deutschmann (RETIRED) gentoo-dev

2017-08-18 14:52:17 UTC

Superseded by bug 628182.

Comment 15 GLSAMaker/CVETool Bot gentoo-dev

2017-08-21 01:14:44 UTC

This issue was resolved and addressed in
 GLSA 201708-05 at https://security.gentoo.org/glsa/201708-05
by GLSA coordinator Thomas Deutschmann (whissi).

Comment 16 Thomas Deutschmann (RETIRED) gentoo-dev

2017-08-21 01:15:38 UTC

Re-opening because hppa wasn't done yet.

Comment 17 GLSAMaker/CVETool Bot gentoo-dev

2017-09-25 21:50:17 UTC

This issue was resolved and addressed in
 GLSA 201709-24 at https://security.gentoo.org/glsa/201709-24
by GLSA coordinator Aaron Bauman (b-man).