Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 625634 - <dev-libs/libmspack-0.6_alpha: Stack-based buffer over-read in cabd_read_string function (CVE-2017-11423)
Summary: <dev-libs/libmspack-0.6_alpha: Stack-based buffer over-read in cabd_read_stri...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: https://bugzilla.redhat.com/show_bug....
Whiteboard: B3 [noglsa]
Keywords:
Depends on:
Blocks: CVE-2017-11423
  Show dependency tree
 
Reported: 2017-07-19 13:21 UTC by Agostino Sarubbo
Modified: 2018-04-22 22:43 UTC (History)
1 user (show)

See Also:
Package list:
dev-libs/libmspack-0.6_alpha
Runtime testing required: ---
stable-bot: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2017-07-19 13:21:45 UTC
From ${URL} :

The cabd_read_string function in mspack/cabd.c in libmspack 0.5alpha,
as used in ClamAV 0.99.2 and other products, allows remote attackers to
cause a denial of service (stack-based buffer over-read and application
crash) via a crafted CAB file.

Reference:

https://github.com/hackerlib/hackerlib-vul/tree/master/clamav-vul

Upstream bug:

https://bugzilla.clamav.net/show_bug.cgi?id=11873


@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 Maciej Mrozowski gentoo-dev 2017-10-19 23:10:18 UTC
libmspack-0.6_alpha in portage. Claims to fix CVE-2017-11423
Comment 2 Maciej Mrozowski gentoo-dev 2017-10-19 23:11:36 UTC
0.6a ready for stabilization (also see 628684).
Comment 3 Thomas Deutschmann (RETIRED) gentoo-dev 2018-03-02 00:01:48 UTC
Freeing CVE-2017-11423 alias to create a tracker bug.
Comment 4 Thomas Deutschmann (RETIRED) gentoo-dev 2018-03-02 00:21:30 UTC
@ Arches,

please test and mark stable: =dev-libs/libmspack-0.6_alpha
Comment 5 Agostino Sarubbo gentoo-dev 2018-03-02 15:36:00 UTC
amd64 stable
Comment 6 Thomas Deutschmann (RETIRED) gentoo-dev 2018-03-04 06:54:19 UTC
x86 stable
Comment 7 Aaron Bauman (RETIRED) gentoo-dev 2018-03-27 02:41:19 UTC
@maintainer, please clean the vulnerable versions from the tree.

GLSA Vote: No
Comment 8 Larry the Git Cow gentoo-dev 2018-04-22 22:43:04 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7ee0e25859aa7c5ff99f760c2a7dc3d277ed16c7

commit 7ee0e25859aa7c5ff99f760c2a7dc3d277ed16c7
Author:     Aaron Bauman <bman@gentoo.org>
AuthorDate: 2018-04-22 22:42:38 +0000
Commit:     Aaron Bauman <bman@gentoo.org>
CommitDate: 2018-04-22 22:42:57 +0000

    dev-libs/libmspack: drop vulnerable
    
    Bug: https://bugs.gentoo.org/625634
    Package-Manager: Portage-2.3.31, Repoman-2.3.9

 dev-libs/libmspack/Manifest                      |  1 -
 dev-libs/libmspack/libmspack-0.5_alpha-r1.ebuild | 50 ------------------------
 dev-libs/libmspack/libmspack-0.5_alpha.ebuild    | 46 ----------------------
 3 files changed, 97 deletions(-)}