Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 701848 (CVE-2014-9862) - <dev-util/bsdiff-4.3-r4: Improper checking of input allows arbitrary write on heap (CVE-2014-9862)
Summary: <dev-util/bsdiff-4.3-r4: Improper checking of input allows arbitrary write o...
Status: RESOLVED FIXED
Alias: CVE-2014-9862
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B2 [glsa+ cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2019-12-03 00:38 UTC by GLSAMaker/CVETool Bot
Modified: 2020-03-19 18:42 UTC (History)
0 users

See Also:
Package list:
dev-util/bsdiff-4.3-r4
Runtime testing required: ---
stable-bot: sanity-check+

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description GLSAMaker/CVETool Bot gentoo-dev 2019-12-03 00:38:55 UTC 
CVE-2014-9862 (https://nvd.nist.gov/vuln/detail/CVE-2014-9862):
  Integer signedness error in bspatch.c in bspatch in bsdiff, as used in Apple
  OS X before 10.11.6 and other products, allows remote attackers to execute
  arbitrary code or cause a denial of service (heap-based buffer overflow) via
  a crafted patch file.
Comment 2 Larry the Git Cow gentoo-dev 2020-03-15 21:08:11 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f4d7646f1d69122a3f49925119a92834c20a1aee

commit f4d7646f1d69122a3f49925119a92834c20a1aee
Author:     Sam James (sam_c) <sam@cmpct.info>
AuthorDate: 2020-03-15 18:21:54 +0000
Commit:     Thomas Deutschmann <whissi@gentoo.org>
CommitDate: 2020-03-15 21:06:07 +0000

    dev-util/bsdiff: Fix CVE-2014-9862
    
    Includes a patch from ChromiumOS.
    
    Bug: https://bugs.gentoo.org/701848
    Signed-off-by: Sam James (sam_c) <sam@cmpct.info>
    Closes: https://github.com/gentoo/gentoo/pull/14970
    Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>

 dev-util/bsdiff/bsdiff-4.3-r4.ebuild               | 35 ++++++++++++++++++++++
 .../bsdiff/files/bsdiff-4.3-CVE-2014-9862.patch    | 15 ++++++++++
 2 files changed, 50 insertions(+)
Comment 3 Rolf Eike Beer archtester 2020-03-16 17:44:33 UTC 
sparc stable
Comment 4 Rolf Eike Beer archtester 2020-03-17 18:30:52 UTC 
hppa stable
Comment 5 Agostino Sarubbo gentoo-dev 2020-03-17 18:45:05 UTC 
amd64 stable
Comment 6 Agostino Sarubbo gentoo-dev 2020-03-18 11:12:24 UTC 
ppc stable
Comment 7 Agostino Sarubbo gentoo-dev 2020-03-18 11:17:29 UTC 
ia64 stable
Comment 8 Agostino Sarubbo gentoo-dev 2020-03-18 15:22:41 UTC 
x86 stable.

Maintainer(s), please cleanup.
Security, please add it to the existing request, or file a new one.
Comment 9 Larry the Git Cow gentoo-dev 2020-03-19 18:32:00 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a90ac2818a5f4f7cb1358f8d679c523801d0e7b2

commit a90ac2818a5f4f7cb1358f8d679c523801d0e7b2
Author:     Thomas Deutschmann <whissi@gentoo.org>
AuthorDate: 2020-03-19 18:31:41 +0000
Commit:     Thomas Deutschmann <whissi@gentoo.org>
CommitDate: 2020-03-19 18:31:53 +0000

    dev-util/bsdiff: security cleanup (bug #701848)
    
    Bug: https://bugs.gentoo.org/701848
    Package-Manager: Portage-2.3.94, Repoman-2.3.21
    Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>

 dev-util/bsdiff/bsdiff-4.3-r3.ebuild | 36 ------------------------------------
 1 file changed, 36 deletions(-)
Comment 10 Thomas Deutschmann (RETIRED) gentoo-dev 2020-03-19 18:32:30 UTC 
New GLSA request filed.
Comment 11 GLSAMaker/CVETool Bot gentoo-dev 2020-03-19 18:42:39 UTC 
This issue was resolved and addressed in
 GLSA 202003-44 at https://security.gentoo.org/glsa/202003-44
by GLSA coordinator Thomas Deutschmann (whissi).