Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 657930 (CVE-2018-10360) - <sys-apps/file-5.33-r2: out-of-bounds read via a crafted ELF file (CVE-2018-10360)
Summary: <sys-apps/file-5.33-r2: out-of-bounds read via a crafted ELF file (CVE-2018-1...
Status: RESOLVED FIXED
Alias: CVE-2018-10360
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: https://github.com/file/file/commit/a...
Whiteboard: A3 [glsa+ cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2018-06-12 03:15 UTC by Florian Schuhmacher
Modified: 2018-06-23 21:39 UTC (History)
1 user (show)

See Also:
Package list:
sys-apps/file-5.33-r2
Runtime testing required: ---
bman: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Florian Schuhmacher 2018-06-12 03:15:19 UTC
The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.

Affects: file-5.32-r1, ffile-5.33-r1.


Gentoo Security Scout
Florian Schuhmacher
Comment 1 Larry the Git Cow gentoo-dev 2018-06-12 08:18:11 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=331976f64a3ac2e70aa62d6631db0e148f19d0fe

commit 331976f64a3ac2e70aa62d6631db0e148f19d0fe
Author:     Thomas Deutschmann <whissi@gentoo.org>
AuthorDate: 2018-06-12 08:17:44 +0000
Commit:     Thomas Deutschmann <whissi@gentoo.org>
CommitDate: 2018-06-12 08:18:03 +0000

    sys-apps/file: Avoid reading past the end of buffer (CVE-2018-10360)
    
    Bug: https://bugs.gentoo.org/657930
    Package-Manager: Portage-2.3.40, Repoman-2.3.9

 sys-apps/file/file-5.33-r2.ebuild                  | 127 +++++++++++++++++++++
 sys-apps/file/files/file-5.33-CVE-2018-10360.patch |  18 +++
 2 files changed, 145 insertions(+)
Comment 2 Thomas Deutschmann gentoo-dev Security 2018-06-12 08:20:01 UTC
@ Arches,

please test and mark stable: =sys-apps/file-5.33-r2
Comment 3 Thomas Deutschmann gentoo-dev Security 2018-06-12 11:38:00 UTC
x86 stable
Comment 4 Mikle Kolyada archtester Gentoo Infrastructure gentoo-dev Security 2018-06-12 14:58:41 UTC
amd64 stable
Comment 5 Larry the Git Cow gentoo-dev 2018-06-12 20:48:13 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=aa4bde38b42b69f1e976dd2a13d04939ee35dda6

commit aa4bde38b42b69f1e976dd2a13d04939ee35dda6
Author:     Rolf Eike Beer <eike@sf-mail.de>
AuthorDate: 2018-06-12 18:50:01 +0000
Commit:     Sergei Trofimovich <slyfox@gentoo.org>
CommitDate: 2018-06-12 20:47:55 +0000

    sys-apps/file: stable 5.33-r2 for sparc
    
    Bug: https://bugs.gentoo.org/657930
    Package-Manager: Portage-2.3.24, Repoman-2.3.6
    RepoMan-Options: --include-arches="sparc"

 sys-apps/file/file-5.33-r2.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
Comment 6 Larry the Git Cow gentoo-dev 2018-06-15 09:35:11 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=802ee540925704679d3677ba5366bb8998873cc2

commit 802ee540925704679d3677ba5366bb8998873cc2
Author:     Sergei Trofimovich <slyfox@gentoo.org>
AuthorDate: 2018-06-15 09:34:41 +0000
Commit:     Sergei Trofimovich <slyfox@gentoo.org>
CommitDate: 2018-06-15 09:34:41 +0000

    sys-apps/file: stable 5.33-r2 for ia64, bug #657930
    
    Bug: https://bugs.gentoo.org/657930
    Package-Manager: Portage-2.3.40, Repoman-2.3.9
    RepoMan-Options: --include-arches="ia64"

 sys-apps/file/file-5.33-r2.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
Comment 7 Mart Raudsepp gentoo-dev 2018-06-19 14:32:02 UTC
arm64 stable
Comment 8 Mikle Kolyada archtester Gentoo Infrastructure gentoo-dev Security 2018-06-22 17:52:54 UTC
The rest was handled myself
Comment 9 Arfrever Frehtes Taifersar Arahesis 2018-06-22 20:33:22 UTC
This should have been stabilized along with media-libs/sdl-pango-0.1.2-r1 (at least on amd64) (bug #655856). I filed bug #658766.
Comment 10 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2018-06-23 00:28:22 UTC
GLSA request filed.
Comment 11 GLSAMaker/CVETool Bot gentoo-dev 2018-06-23 21:39:10 UTC
This issue was resolved and addressed in
 GLSA 201806-08 at https://security.gentoo.org/glsa/201806-08
by GLSA coordinator Aaron Bauman (b-man).