Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 774255 (CVE-2021-3403, CVE-2021-3404) - <net-mail/ytnef-2.0: multiple vulnerabilities (CVE-2021-{3403,3404})
Summary: <net-mail/ytnef-2.0: multiple vulnerabilities (CVE-2021-{3403,3404})
Status: IN_PROGRESS
Alias: CVE-2021-3403, CVE-2021-3404
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B2 [glsa]
Keywords:
Depends on: 818736
Blocks:
  Show dependency tree
 
Reported: 2021-03-05 03:10 UTC by John Helmert III
Modified: 2024-03-24 08:30 UTC (History)
3 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2021-03-05 03:10:20 UTC 
CVE-2021-3403 (https://github.com/Yeraze/ytnef/issues/85):

In ytnef 1.9.3, the TNEFSubjectHandler function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a double free which can be triggered via a crafted file.

CVE-2021-3404 (https://github.com/Yeraze/ytnef/issues/86):

In ytnef 1.9.3, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial-of-service (and potentially code execution) due to a heap buffer overflow which can be triggered via a crafted file.


Might be further exploitable so the 3 rating may be worth rethinking later.
Comment 1 NATTkA bot gentoo-dev 2021-07-29 17:23:45 UTC Comment hidden (obsolete)
Comment 2 NATTkA bot gentoo-dev 2021-07-29 17:32:10 UTC Comment hidden (obsolete)
Comment 3 NATTkA bot gentoo-dev 2021-07-29 17:40:03 UTC Comment hidden (obsolete)
Comment 4 NATTkA bot gentoo-dev 2021-07-29 17:48:14 UTC Comment hidden (obsolete)
Comment 5 NATTkA bot gentoo-dev 2021-07-29 18:04:10 UTC Comment hidden (obsolete)
Comment 6 NATTkA bot gentoo-dev 2021-07-29 18:12:28 UTC 
Package list is empty or all packages have requested keywords.
Comment 7 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2021-09-18 04:06:56 UTC 
Please backport the patches linked.
Comment 8 Larry the Git Cow gentoo-dev 2021-09-20 14:21:48 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ba52d365d7a5c9e48b2911010cd26546896ba4ff

commit ba52d365d7a5c9e48b2911010cd26546896ba4ff
Author:     Lars Wendler <polynomial-c@gentoo.org>
AuthorDate: 2021-09-20 14:21:28 +0000
Commit:     Lars Wendler <polynomial-c@gentoo.org>
CommitDate: 2021-09-20 14:21:42 +0000

    net-mail/ytnef: Bump to version 2.0
    
    Bug: https://bugs.gentoo.org/774255
    Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>

 net-mail/ytnef/Manifest         |  1 +
 net-mail/ytnef/ytnef-2.0.ebuild | 31 +++++++++++++++++++++++++++++++
 2 files changed, 32 insertions(+)
Comment 9 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2021-10-19 13:17:10 UTC 
Please cleanup.
Comment 10 Larry the Git Cow gentoo-dev 2022-07-10 12:55:08 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5ce2cc8f7fe504a91f355a4ff2716dcfaa2bf95e

commit 5ce2cc8f7fe504a91f355a4ff2716dcfaa2bf95e
Author:     Bernard Cafarelli <voyageur@gentoo.org>
AuthorDate: 2022-07-10 12:54:03 +0000
Commit:     Bernard Cafarelli <voyageur@gentoo.org>
CommitDate: 2022-07-10 12:55:04 +0000

    net-mail/ytnef: drop 1.9.3
    
    Bug: https://bugs.gentoo.org/774255
    Signed-off-by: Bernard Cafarelli <voyageur@gentoo.org>

 net-mail/ytnef/Manifest           |  1 -
 net-mail/ytnef/ytnef-1.9.3.ebuild | 31 -------------------------------
 2 files changed, 32 deletions(-)