803131 – (CVE-2020-36428, CVE-2021-36977) <sci-libs/matio-1.5.22: multiple vulnerabilities

Bug 803131 (CVE-2020-36428, CVE-2021-36977) - <sci-libs/matio-1.5.22: multiple vulnerabilities

Summary: <sci-libs/matio-1.5.22: multiple vulnerabilities

Status:	RESOLVED FIXED

Alias:	CVE-2020-36428, CVE-2021-36977

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal normal
Assignee:	Gentoo Security

URL:
Whiteboard:	B2 [glsa+]
Keywords:

Depends on:
Blocks:

Reported:	2021-07-20 23:33 UTC by John Helmert III
Modified:	2024-08-11 14:40 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description John Helmert III archtester

2021-07-20 23:33:51 UTC

CVE-2020-36428 (https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=21421):

matio (aka MAT File I/O Library) 1.5.18 through 1.5.21 has a heap-based buffer overflow in ReadInt32DataDouble (called from ReadInt32Data and Mat_VarRead4).

CVE-2021-36977 (https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31265):

matio (aka MAT File I/O Library) 1.5.20 and 1.5.21 has a heap-based buffer overflow in H5MM_memcpy (called from H5MM_malloc and H5C_load_entry).



No references to a fix.

Comment 1 NATTkA bot gentoo-dev

2021-07-29 17:20:47 UTC Comment hidden (obsolete)

Package list is empty or all packages have requested keywords.

Comment 2 NATTkA bot gentoo-dev

2021-07-29 17:28:53 UTC Comment hidden (obsolete)

Package list is empty or all packages have requested keywords.

Comment 3 NATTkA bot gentoo-dev

2021-07-29 17:36:50 UTC Comment hidden (obsolete)

Package list is empty or all packages have requested keywords.

Comment 4 NATTkA bot gentoo-dev

2021-07-29 17:44:53 UTC Comment hidden (obsolete)

Package list is empty or all packages have requested keywords.

Comment 5 NATTkA bot gentoo-dev

2021-07-29 17:52:56 UTC Comment hidden (obsolete)

Package list is empty or all packages have requested keywords.

Comment 6 NATTkA bot gentoo-dev

2021-07-29 17:56:52 UTC Comment hidden (obsolete)

Package list is empty or all packages have requested keywords.

Comment 7 NATTkA bot gentoo-dev

2021-07-29 18:00:52 UTC Comment hidden (obsolete)

Package list is empty or all packages have requested keywords.

Comment 8 NATTkA bot gentoo-dev

2021-07-29 18:09:09 UTC

Package list is empty or all packages have requested keywords.

Comment 9 Larry the Git Cow gentoo-dev

2022-05-09 17:19:35 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=487b3fc529cfde6265e6c10ba0a2b1ea51f82a17

commit 487b3fc529cfde6265e6c10ba0a2b1ea51f82a17
Author:     Andrew Ammerlaan <andrewammerlaan@gentoo.org>
AuthorDate: 2022-05-09 17:00:50 +0000
Commit:     Andrew Ammerlaan <andrewammerlaan@gentoo.org>
CommitDate: 2022-05-09 17:19:28 +0000

    sci-libs/matio: drop 1.5.21
    
    Bug: https://bugs.gentoo.org/842258
    Bug: https://bugs.gentoo.org/803131
    Signed-off-by: Andrew Ammerlaan <andrewammerlaan@gentoo.org>

 sci-libs/matio/Manifest            |  1 -
 sci-libs/matio/matio-1.5.21.ebuild | 46 --------------------------------------
 2 files changed, 47 deletions(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b978a17ecb4e1ccd62317d664e9af15fb3034f24

commit b978a17ecb4e1ccd62317d664e9af15fb3034f24
Author:     Andrew Ammerlaan <andrewammerlaan@gentoo.org>
AuthorDate: 2022-05-09 17:00:15 +0000
Commit:     Andrew Ammerlaan <andrewammerlaan@gentoo.org>
CommitDate: 2022-05-09 17:19:27 +0000

    sci-libs/matio: add 1.5.23
    
    Bug: https://bugs.gentoo.org/842258
    Bug: https://bugs.gentoo.org/803131
    Signed-off-by: Andrew Ammerlaan <andrewammerlaan@gentoo.org>

 sci-libs/matio/Manifest            |  1 +
 sci-libs/matio/matio-1.5.23.ebuild | 46 ++++++++++++++++++++++++++++++++++++++
 2 files changed, 47 insertions(+)

Comment 10 John Helmert III archtester

2022-05-10 16:08:46 UTC

(In reply to Larry the Git Cow from comment #9) 
> https://gitweb.gentoo.org/repo/gentoo.git/commit/
> ?id=b978a17ecb4e1ccd62317d664e9af15fb3034f24
> 
> commit b978a17ecb4e1ccd62317d664e9af15fb3034f24
> Author:     Andrew Ammerlaan <andrewammerlaan@gentoo.org>
> AuthorDate: 2022-05-09 17:00:15 +0000
> Commit:     Andrew Ammerlaan <andrewammerlaan@gentoo.org>
> CommitDate: 2022-05-09 17:19:27 +0000
> 
>     sci-libs/matio: add 1.5.23
>     
>     Bug: https://bugs.gentoo.org/842258
>     Bug: https://bugs.gentoo.org/803131
>     Signed-off-by: Andrew Ammerlaan <andrewammerlaan@gentoo.org>
> 
>  sci-libs/matio/Manifest            |  1 +
>  sci-libs/matio/matio-1.5.23.ebuild | 46
> ++++++++++++++++++++++++++++++++++++++
>  2 files changed, 47 insertions(+)

Are these issues fixed in this release?

Comment 11 Hans de Graaff gentoo-dev

2023-10-15 09:41:11 UTC

Changes in 1.5.22 (25 March 2022)
* Fixed heap-based buffer overflows when reading (crafted) MAT file
  (CVE-2020-36428, CVE-2021-36977)

Comment 12 Larry the Git Cow gentoo-dev

2024-08-11 14:39:40 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=23426cc73fa2cb8d57029b4e6ff9275d0a0ef884

commit 23426cc73fa2cb8d57029b4e6ff9275d0a0ef884
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2024-08-11 14:39:15 +0000
Commit:     Hans de Graaff <graaff@gentoo.org>
CommitDate: 2024-08-11 14:39:32 +0000

    [ GLSA 202408-26 ] matio: Multiple Vulnerabilities
    
    Bug: https://bugs.gentoo.org/803131
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: Hans de Graaff <graaff@gentoo.org>

 glsa-202408-26.xml | 43 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 43 insertions(+)