Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 774255 (CVE-2021-3403, CVE-2021-3404) - <net-mail/ytnef-2.0: multiple vulnerabilities (CVE-2021-{3403,3404})
Summary: <net-mail/ytnef-2.0: multiple vulnerabilities (CVE-2021-{3403,3404})
Status: IN_PROGRESS
Alias: CVE-2021-3403, CVE-2021-3404
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B2 [glsa?]
Keywords:
Depends on: 818736
Blocks:
  Show dependency tree
 
Reported: 2021-03-05 03:10 UTC by John Helmert III
Modified: 2022-07-10 13:46 UTC (History)
3 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2021-03-05 03:10:20 UTC
CVE-2021-3403 (https://github.com/Yeraze/ytnef/issues/85):

In ytnef 1.9.3, the TNEFSubjectHandler function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a double free which can be triggered via a crafted file.

CVE-2021-3404 (https://github.com/Yeraze/ytnef/issues/86):

In ytnef 1.9.3, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a heap buffer overflow which can be triggered via a crafted file.


Might be further exploitable so the 3 rating may be worth rethinking later.
Comment 1 NATTkA bot gentoo-dev 2021-07-29 17:23:45 UTC Comment hidden (obsolete)
Comment 2 NATTkA bot gentoo-dev 2021-07-29 17:32:10 UTC Comment hidden (obsolete)
Comment 3 NATTkA bot gentoo-dev 2021-07-29 17:40:03 UTC Comment hidden (obsolete)
Comment 4 NATTkA bot gentoo-dev 2021-07-29 17:48:14 UTC Comment hidden (obsolete)
Comment 5 NATTkA bot gentoo-dev 2021-07-29 18:04:10 UTC Comment hidden (obsolete)
Comment 6 NATTkA bot gentoo-dev 2021-07-29 18:12:28 UTC
Package list is empty or all packages have requested keywords.
Comment 7 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2021-09-18 04:06:56 UTC
Please backport the patches linked.
Comment 8 Larry the Git Cow gentoo-dev 2021-09-20 14:21:48 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ba52d365d7a5c9e48b2911010cd26546896ba4ff

commit ba52d365d7a5c9e48b2911010cd26546896ba4ff
Author:     Lars Wendler <polynomial-c@gentoo.org>
AuthorDate: 2021-09-20 14:21:28 +0000
Commit:     Lars Wendler <polynomial-c@gentoo.org>
CommitDate: 2021-09-20 14:21:42 +0000

    net-mail/ytnef: Bump to version 2.0
    
    Bug: https://bugs.gentoo.org/774255
    Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>

 net-mail/ytnef/Manifest         |  1 +
 net-mail/ytnef/ytnef-2.0.ebuild | 31 +++++++++++++++++++++++++++++++
 2 files changed, 32 insertions(+)
Comment 9 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2021-10-19 13:17:10 UTC
Please cleanup.
Comment 10 Larry the Git Cow gentoo-dev 2022-07-10 12:55:08 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5ce2cc8f7fe504a91f355a4ff2716dcfaa2bf95e

commit 5ce2cc8f7fe504a91f355a4ff2716dcfaa2bf95e
Author:     Bernard Cafarelli <voyageur@gentoo.org>
AuthorDate: 2022-07-10 12:54:03 +0000
Commit:     Bernard Cafarelli <voyageur@gentoo.org>
CommitDate: 2022-07-10 12:55:04 +0000

    net-mail/ytnef: drop 1.9.3
    
    Bug: https://bugs.gentoo.org/774255
    Signed-off-by: Bernard Cafarelli <voyageur@gentoo.org>

 net-mail/ytnef/Manifest           |  1 -
 net-mail/ytnef/ytnef-1.9.3.ebuild | 31 -------------------------------
 2 files changed, 32 deletions(-)