Bug 906770 (CVE-2014-9050) - VUL-0: CVE-2014-9050: clamav: heap-based buffer overflow when scanning crypted PE files
Summary: VUL-0: CVE-2014-9050: clamav: heap-based buffer overflow when scanning crypte...
Status: RESOLVED FIXED
Alias: CVE-2014-9050
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Major
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/110963/
Whiteboard: maint:released:sle11-sp1:59794 maint:...
Keywords:
Depends on:
Blocks:
 
Reported: 2014-11-24 09:25 UTC by Johannes Segitz
Modified: 2015-02-18 18:36 UTC (History)
1 user (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Johannes Segitz 2014-11-24 09:25:17 UTC 
We have this already covered in the other submit, so nothing to do here, just for documentation.

rh#1167139

A heap-based buffer overflow flaw was found in ClamAV when scanning Windows PE files that were crypted with y0da's Crypter. Scanning a malicious PE file could cause ClamAV to crash or, potentially, execute arbitrary code.

Upstream fix: https://github.com/vrtadmin/clamav-devel/commit/fc3794a54d2affe5770c1f876484a871c783e91e

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1167139
http://seclists.org/oss-sec/2014/q4/757
https://bugzilla.clamav.net/show_bug.cgi?id=11155
Comment 1 Reinhard Max 2014-11-24 13:21:00 UTC 
Resubmitted the packages with a reference to this bug and CVE added to the changes file.
Comment 3 Swamp Workflow Management 2014-11-24 23:00:15 UTC 
bugbot adjusting priority
Comment 4 Swamp Workflow Management 2014-12-05 09:05:40 UTC 
openSUSE-SU-2014:1560-1: An update that solves two vulnerabilities and has three fixes is now available.

Category: security (important)
Bug References: 903489,903719,904207,906077,906770
CVE References: CVE-2013-6497,CVE-2014-9050
Sources used:
openSUSE 13.2 (src):    clamav-0.98.5-2.5.2
openSUSE 13.1 (src):    clamav-0.98.5-22.3
openSUSE 12.3 (src):    clamav-0.98.5-5.30.3
Comment 5 Marcus Meissner 2014-12-05 10:19:25 UTC 
released
Comment 6 Swamp Workflow Management 2014-12-05 18:05:47 UTC 
SUSE-SU-2014:1571-1: An update that solves two vulnerabilities and has four fixes is now available.

Category: security (important)
Bug References: 899395,903489,903719,904207,906077,906770
CVE References: CVE-2013-6497,CVE-2014-9050
Sources used:
SUSE Linux Enterprise Server 11 SP2 LTSS (src):    clamav-0.98.5-0.5.1
SUSE Linux Enterprise Server 11 SP1 LTSS (src):    clamav-0.98.5-0.5.1
Comment 7 Swamp Workflow Management 2014-12-05 20:05:43 UTC 
SUSE-SU-2014:1574-1: An update that solves two vulnerabilities and has three fixes is now available.

Category: security (important)
Bug References: 903489,903719,904207,906077,906770
CVE References: CVE-2013-6497,CVE-2014-9050
Sources used:
SUSE Linux Enterprise Server 11 SP3 for VMware (src):    clamav-0.98.5-0.5.1
SUSE Linux Enterprise Server 11 SP3 (src):    clamav-0.98.5-0.5.1
SUSE Linux Enterprise Server 10 SP4 LTSS (src):    clamav-0.98.5-0.7.1
SUSE Linux Enterprise Desktop 11 SP3 (src):    clamav-0.98.5-0.5.1
Comment 9 Swamp Workflow Management 2015-02-02 09:09:22 UTC 
SUSE-SU-2015:0188-1: An update that solves two vulnerabilities and has 5 fixes is now available.

Category: security (moderate)
Bug References: 903489,903719,904207,906077,906770,908731,914505
CVE References: CVE-2013-6497,CVE-2014-9050
Sources used:
SUSE Linux Enterprise Server 12 (src):    clamav-0.98.5-6.1
SUSE Linux Enterprise Desktop 12 (src):    clamav-0.98.5-6.1