Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 522114 (CVE-2014-3618) - <mail-filter/procmail-3.22-r14: heap overflow in formail tool
Summary: <mail-filter/procmail-3.22-r14: heap overflow in formail tool
Status: RESOLVED FIXED
Alias: CVE-2014-3618
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: http://www.openwall.com/lists/oss-sec...
Whiteboard: B3 [noglsa cve]
Keywords:
Depends on: CVE-2014-16844
Blocks:
  Show dependency tree
 
Reported: 2014-09-04 05:31 UTC by Hanno Böck
Modified: 2019-04-06 16:43 UTC (History)
8 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Hanno Böck gentoo-dev 2014-09-04 05:31:56 UTC
A heap overflow has been reported in procmail by Tavis Ormandy on the oss-security list:
http://www.openwall.com/lists/oss-security/2014/09/03/8

Depending on the configuration this may be exploited remotely by sending a mail, so it should probably be considered quite severe. procmail hasn't seen a release in ages, a patch is in the above oss-security-post.
Comment 1 GLSAMaker/CVETool Bot gentoo-dev 2015-01-04 01:28:08 UTC
CVE-2014-3618 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3618):
  Heap-based buffer overflow in formisc.c in formail in procmail 3.22 allows
  remote attackers to cause a denial of service (crash) and possibly execute
  arbitrary code via a crafted email header, related to "unbalanced quotes."
Comment 2 Thomas Deutschmann gentoo-dev Security 2016-12-01 17:52:12 UTC
@ Maintainer(s): Please apply https://sources.debian.net/src/procmail/3.22-25/debian/patches/27/
Comment 3 Christopher Díaz Riveros (RETIRED) gentoo-dev Security 2017-09-20 04:26:32 UTC
@Maintainers ping

Gentoo Security Padawan
ChrisADR
Comment 4 Larry the Git Cow gentoo-dev 2019-03-24 00:26:14 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=31e0e8db9e641bbe158add9c6d4907f2c3eb2d57

commit 31e0e8db9e641bbe158add9c6d4907f2c3eb2d57
Author:     Aaron Bauman <bman@gentoo.org>
AuthorDate: 2019-03-24 00:22:31 +0000
Commit:     Aaron Bauman <bman@gentoo.org>
CommitDate: 2019-03-24 00:26:04 +0000

    mail-filter/procmail: revbump to fix longstanding vulnerabilities
    
    This patch is a combination of patches from the OSS ML and the Debian
    bug tracker.  Both patches and authors can be found in the below
    referenced bugs.
    
    Bug: https://bugs.gentoo.org/522114
    Bug: https://bugs.gentoo.org/638108
    Signed-off-by: Aaron Bauman <bman@gentoo.org>

 .../files/procmail-CVE-2014-3618-16844.patch       |  25 +++++
 mail-filter/procmail/procmail-3.22-r12.ebuild      | 123 +++++++++++++++++++++
 2 files changed, 148 insertions(+)
Comment 5 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2019-03-26 22:49:42 UTC
-r12 was dropped due to reports of CPU utilization due to loops
Comment 6 A Blamey 2019-03-28 09:32:14 UTC
I just had formail hang with -r13 - same as happened with -r12