655148 – (CVE-2018-10685) <app-arch/lrzip-0.631_p20190619: use after free in lzma_decompress_buf function of stream.c

Bug 655148 (CVE-2018-10685) - <app-arch/lrzip-0.631_p20190619: use after free in lzma_decompress_buf function of stream.c

Summary: <app-arch/lrzip-0.631_p20190619: use after free in lzma_decompress_buf functi...

Status:	RESOLVED FIXED

Alias:	CVE-2018-10685

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal minor
Assignee:	Gentoo Security

URL:	https://bugzilla.redhat.com/show_bug....
Whiteboard:	B3 [noglsa cve]
Keywords:

Depends on:
Blocks:

Reported:	2018-05-07 10:05 UTC by Agostino Sarubbo
Modified:	2020-04-26 03:41 UTC (History)
CC List:	1 user (show)

See Also:	CVE-2017-9928, CVE-2017-9929
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Agostino Sarubbo gentoo-dev

2018-05-07 10:05:30 UTC

From ${URL} :

A flaw was found in Long Range Zip (aka lrzip) 0.631, there is a use-after-free in the lzma_decompress_buf function of stream.c, which allows remote attackers to cause a denial of service (application 
crash) or possibly have unspecified other impact.


References:
https://github.com/ckolivas/lrzip/issues/95


@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.

Comment 1 Aaron Bauman (RETIRED) gentoo-dev

2019-08-10 16:44:43 UTC

all fixed in master

Comment 2 NATTkA bot gentoo-dev

2020-04-12 19:30:45 UTC

Unable to check for sanity:

> dependent bug #624462 is missing keywords

Comment 3 NATTkA bot gentoo-dev

2020-04-13 14:41:35 UTC

Resetting sanity check; package list is empty or all packages are done.

Comment 4 Yury German Gentoo Infrastructure

2020-04-26 03:41:02 UTC

GLSA Vote: No

Thank you all for you work. 
Closing as [noglsa].